IQTLabs / pcapplotLinks
PCAPPlot provides a quick visual snapshot, or thumbnail, of a network packet capture (PCAP file) from the perspective of a single host/device in four distinct areas: who it is talking to externally, who it is talking to internally, the source ports it is communicating on, and the destination ports it is communicating to.
☆17Updated 4 years ago
Alternatives and similar repositories for pcapplot
Users that are interested in pcapplot are comparing it to the libraries listed below
Sorting:
- A platform built for easy-to-use automated network traffic analysis☆60Updated 3 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆124Updated 5 years ago
- CyRIS: Cyber Range Instantiation System☆109Updated last year
- Generate network maps from packet captures☆30Updated 6 years ago
- Detect cryptocurrency mining traffic with Zeek.☆46Updated 4 years ago
- An extensible honeypot framework☆95Updated 3 years ago
- Ready to run scripts for network analysis☆91Updated 10 months ago
- Extract files from network traffic with Zeek.☆102Updated 5 years ago
- Wireshark plugin to display Suricata analysis info☆95Updated 4 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆183Updated 2 years ago
- The Official Github Repository of Daemonlogger☆22Updated 4 years ago
- a network packet capture compiler☆205Updated 3 years ago
- Pivotable Reverse WhoIs / PDNS Fusion with Registrant Tracking & Alerting plus API for automated queries (JSON/CSV/TXT)☆159Updated 4 years ago
- Sandia Cyber Omni Tracker (SCOT)☆253Updated last year
- Potiron - Normalize, Index and Visualize Network Capture☆88Updated 6 years ago
- Bro/Zeek integration with osquery☆94Updated 5 years ago
- Code + documentation for the public GreyNoise API☆315Updated 4 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 7 years ago
- stoQ Public Plugins☆71Updated 2 years ago
- A RESTful API frontend for Stenographer☆54Updated 3 years ago
- Open source tools for realistic-behaving electric grid honeynets☆60Updated 10 years ago
- Malware/IOC ingestion and processing engine☆109Updated 7 years ago
- Dockerfiles for NSM tools☆84Updated 8 years ago
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆291Updated 8 years ago
- A web-based tool to assist the work of the intuitive threat analysts.☆114Updated 7 years ago
- Passive Real-time Asset Detection System☆249Updated last year
- An open source framework for enterprise level automated analysis.☆396Updated 3 years ago
- Bro IDS Dockerfile☆129Updated 6 years ago
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.☆144Updated 2 weeks ago
- ☆174Updated 4 years ago