Open source software for leveraging insights from flow and packet analysis to identify potential security threats or attacks.
A simple utility that classifies packets into flows by the 4-tuple (src_ip, dst_ip, src_port, dst_port) without further processing. Each flow is saved to a pcap file named with the 4-tuple and the timestamp of the flow's first packet. The tool is designed for Deep Packet Inspection or flow classification purposes.
A multi-threaded intrusion detection system using Yara for network and stream IDS.
Netis Cloud Probe is an open source project for capturing and analyzing network packets across different machines.
A collection of PCAPs for ICS/SCADA utilities and protocols with the option for users to contribute.
Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.
A simple IOC scanner bash script for Linux/Unix/OSX systems.