NFStream is a multiplatform Python framework providing fast, flexible, and expressive data structures designed to make working with online or offline network data easy and intuitive. It aims to be Python's fundamental high-level building block for doing practical, real-world network flow data analysis. Additionally, it has the broader goal of becoming a unifying network data analytics framework for researchers providing data reproducibility across experiments. - Live Notebook - Project Website - Discussion Channel - Latest Release - Supported Versions - Project License - Continuous Integration - Code Quality - Table of Contents - Main Features - How to get it? - How to use it? - Encrypted application identification and metadata extraction - System visibility - Post-mortem statistical flow features extraction - Early statistical flow features extraction - Pandas export interface - CSV export interface - Extending NFStream - Machine Learning models training and deployment - Training the model - ML powered streamer on live traffic - Building from sources - Contributing - Ethics - Credits - Citation - Authors - Supporting organizations - Publications that use NFStream - License Main Features: - Performance: NFStream is designed to be fast: AF_PACKET
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Tor Browser is a free and open-source software that allows users to browse the internet anonymously and privately.
A Bluetooth 5 and 4.x sniffer using TI CC1352/CC26x2 hardware with advanced features and Python-based host-side software.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.