NFStream is a multiplatform Python framework providing fast, flexible, and expressive data structures designed to make working with online or offline network data easy and intuitive. It aims to be Python's fundamental high-level building block for doing practical, real-world network flow data analysis. Additionally, it has the broader goal of becoming a unifying network data analytics framework for researchers providing data reproducibility across experiments. - Live Notebook - Project Website - Discussion Channel - Latest Release - Supported Versions - Project License - Continuous Integration - Code Quality - Table of Contents - Main Features - How to get it? - How to use it? - Encrypted application identification and metadata extraction - System visibility - Post-mortem statistical flow features extraction - Early statistical flow features extraction - Pandas export interface - CSV export interface - Extending NFStream - Machine Learning models training and deployment - Training the model - ML powered streamer on live traffic - Building from sources - Contributing - Ethics - Credits - Citation - Authors - Supporting organizations - Publications that use NFStream - License Main Features: - Performance: NFStream is designed to be fast: AF_PACKET
FEATURES
ALTERNATIVES
An open-source security tool for testing data center resiliency to perimeter breaches and internal server infection.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A Docker container that starts a SSH honeypot and reports statistics to the SANS ISC DShield project
Open source framework for network traffic analysis with advanced features.
A set of interrelated detection rules for improving detection and hunting visibility and context
PINNED

ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.