0x4D31 / quick
QUICk - a go library based on gopacket for analyzing QUIC CHLO messages
☆23Updated 4 years ago
Related projects: ⓘ
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆85Updated 4 months ago
- Extract TLS certificates from pcap files or network interfaces, fingerprint TLS client/server interactions with ja3/ja3s☆38Updated 4 years ago
- Go implementation of the Community ID flow hashing standard☆19Updated 3 weeks ago
- Automatically enumerate and fingerprint SD-WAN nodes on the internet☆50Updated 3 years ago
- Freki is a tool to manipulate packets in usermode using NFQUEUE and golang.☆57Updated last year
- Network Tools☆32Updated 9 months ago
- Yara powered NIDS with high speed packet capture powered by PF_RING☆66Updated 4 months ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Updated 3 years ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek☆32Updated this week
- IP ASN History to find ASN announcing an IP and the closest prefix announcing it at a specific date☆91Updated 2 months ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor☆75Updated last year
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆50Updated 2 months ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆22Updated 8 years ago
- D4 core software (server and sample sensor client)☆43Updated 8 months ago
- DHCP Fingerprinting☆27Updated 3 years ago
- BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)☆68Updated 2 months ago
- Golang based web service to scan files with yara rules☆26Updated 7 years ago
- We publish indicators of compromise related to our stories here. See https://blog.team-cymru.com/ for more information.☆9Updated 3 years ago
- Script for pcap modification, reconstruction and anonymization☆16Updated 3 years ago
- Zeek package to generate a SMB client fingerprint☆26Updated 4 years ago
- A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control.☆30Updated 6 years ago
- Passive DHCP fingerprinting implementation☆49Updated 8 years ago
- This repository contains tools used by 401trg.☆19Updated 3 years ago
- Bro analyzer that detects Google's QUIC protocol☆10Updated 3 years ago
- Collect autorun records from running system☆59Updated 2 years ago
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack.☆33Updated 2 years ago
- Snort/Suricata DAQ module with DPDK patch☆10Updated 5 months ago
- ssh key exchange layer for scapy☆13Updated 9 years ago
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 3 years ago