NFStream
NFStream is a multiplatform Python framework providing fast, flexible, and expressive data structures designed to make working with online or offline network data easy and intuitive. It aims to be Python's fundamental high-level building block for doing practical, real-world network flow data analysis. Additionally, it has the broader goal of becoming a unifying network data analytics framework for researchers providing data reproducibility across experiments. - Live Notebook - Project Website - Discussion Channel - Latest Release - Supported Versions - Project License - Continuous Integration - Code Quality - Table of Contents - Main Features - How to get it? - How to use it? - Encrypted application identification and metadata extraction - System visibility - Post-mortem statistical flow features extraction - Early statistical flow features extraction - Pandas export interface - CSV export interface - Extending NFStream - Machine Learning models training and deployment - Training the model - ML powered streamer on live traffic - Building from sources - Contributing - Ethics - Credits - Citation - Authors - Supporting organizations - Publications that use NFStream - License Main Features: - Performance: NFStream is designed to be fast: AF_PACKET
FEATURES
ALTERNATIVES
JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.
High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.
A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
SSHGuard protects hosts from brute-force attacks by monitoring system logs, detecting attacks, and blocking attackers using a firewall.
A utility to generate malicious network traffic for security evaluation.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.