NFStream
NFStream is a multiplatform Python framework providing fast, flexible, and expressive data structures designed to make working with online or offline network data easy and intuitive. It aims to be Python's fundamental high-level building block for doing practical, real-world network flow data analysis. Additionally, it has the broader goal of becoming a unifying network data analytics framework for researchers providing data reproducibility across experiments. - Live Notebook - Project Website - Discussion Channel - Latest Release - Supported Versions - Project License - Continuous Integration - Code Quality - Table of Contents - Main Features - How to get it? - How to use it? - Encrypted application identification and metadata extraction - System visibility - Post-mortem statistical flow features extraction - Early statistical flow features extraction - Pandas export interface - CSV export interface - Extending NFStream - Machine Learning models training and deployment - Training the model - ML powered streamer on live traffic - Building from sources - Contributing - Ethics - Credits - Citation - Authors - Supporting organizations - Publications that use NFStream - License Main Features: - Performance: NFStream is designed to be fast: AF_PACKET
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
A free DNS recursive service that blocks malicious host names and protects user privacy.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
NBD (Network Block Device) is a network protocol implementation that allows clients to access remote block devices over a network as if they were local storage.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
Tor Browser is a free and open-source software that allows users to browse the internet anonymously and privately.
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.