benjeems/packetStrider

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/benjeems/packetStrider)

benjeems / packetStrider

A network packet forensics tool for SSH

☆254

Alternatives and similar repositories for packetStrider

Users that are interested in packetStrider are comparing it to the libraries listed below

Sorting:

0x4D31 / fatt
View on GitHub
FATT /fingerprintAllTheThings - a pyshark based script for extracting network metadata and fingerprints from pcap files and live network …
☆681Oct 28, 2023Updated 2 years ago
CERT-Polska / hfinger
View on GitHub
Hfinger - fingerprinting HTTP requests
☆143May 16, 2023Updated 2 years ago
DevoInc / pCraft
View on GitHub
pCraft is a PCAP Crafter, which creates a PCAP from an AMI scenario.
☆92Apr 11, 2024Updated last year
micrictor / spl-spt
View on GitHub
Zeek plugin to generate data on per-packet sizes and intervals
☆14Apr 21, 2020Updated 5 years ago
corelight / cve-2021-44228
View on GitHub
Log4j Exploit Detection Logic for Zeek
☆19Nov 25, 2025Updated 3 months ago
salesforce / hassh
View on GitHub
HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…
☆546May 1, 2025Updated 10 months ago
wightsci / MessageTableReader
View on GitHub
Read Windows message table entries.
☆11Feb 5, 2023Updated 3 years ago
taterhead / PCAP-Index
View on GitHub
Set of scripts to index PCAP files and retrieve packets
☆14Sep 10, 2015Updated 10 years ago
nodauf / Go-RouterSocks
View on GitHub
Router socks. One port socks for all the others.
☆69May 22, 2024Updated last year
theparanoids / rdfp
View on GitHub
Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
☆40Jun 20, 2023Updated 2 years ago
corelight / zeek-quic
View on GitHub
Bro analyzer that detects Google's QUIC protocol
☆10Mar 2, 2021Updated 5 years ago
randomuserid / Tylium
View on GitHub
Primary data pipelines for intrusion detection, security analytics and threat hunting
☆85Jan 9, 2022Updated 4 years ago
SuperCowPowers / zat
View on GitHub
Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
☆451Updated this week
CIRCL / traceroute-circl
View on GitHub
Traceroute improved wrapper for CSIRT and CERT operators
☆40Oct 9, 2024Updated last year
target / halogen
View on GitHub
Automatically create YARA rules from malicious documents.
☆211May 16, 2022Updated 3 years ago
adulau / DomainClassifier
View on GitHub
DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text fil…
☆80Jan 31, 2024Updated 2 years ago
theparanoids / spicy-noise
View on GitHub
A Spicy protocol analyzer for WireGuard
☆29Aug 11, 2020Updated 5 years ago
theflakes / reg_hunter
View on GitHub
Blueteam operational triage registry hunting/forensic tool.
☆149Sep 2, 2025Updated 6 months ago
tenzir / tenzir
View on GitHub
Tenzir is the data pipeline engine for security teams.
☆727Updated this week
uforia / exitgather
View on GitHub
Tool for automatic list generation of known TOR and VPN exit nodes
☆29Dec 21, 2023Updated 2 years ago
dtmsecurity / 3aj-lib
View on GitHub
Proof of concept communications from C# via a web browser process
☆21Feb 15, 2019Updated 7 years ago
open-nsm / ContainNSM
View on GitHub
Dockerfiles for NSM tools
☆84Apr 14, 2017Updated 8 years ago
salesforce / ja3
View on GitHub
JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
☆3,073May 1, 2025Updated 10 months ago
vp777 / procrustes
View on GitHub
A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering
☆210Nov 29, 2020Updated 5 years ago
neolea / neolea-training-materials
View on GitHub
Open source training materials for law-enforcement and organisations interested in DFIR.
☆63May 30, 2025Updated 9 months ago
mixmodeai / bro_intel_linter
View on GitHub
Bro Intel Feed Linter
☆26Aug 30, 2019Updated 6 years ago
JustinAzoff / flow-indexer
View on GitHub
Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files
☆44May 9, 2024Updated last year
zeek / zeek-agent
View on GitHub
This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
☆124Nov 19, 2020Updated 5 years ago
rocknsm / rock-scripts
View on GitHub
Bro scripts for the ROCK platform. http://rocknsm.io
☆34Jul 2, 2023Updated 2 years ago
target / strelka
View on GitHub
Real-time, container-based file scanning at enterprise scale
☆978Mar 6, 2026Updated 2 weeks ago
Concinnity-Risks / LogisticalBudget
View on GitHub
This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…
☆35Feb 27, 2019Updated 7 years ago
orlikoski / CDQR
View on GitHub
The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
☆343Jun 25, 2022Updated 3 years ago
AdrianCitu / burp-tabnabbing-extension
View on GitHub
Burp Suite Professional extension in Java for Tabnabbing attack
☆13May 8, 2018Updated 7 years ago
weslambert / securityonion-strelka
View on GitHub
☆13Oct 7, 2019Updated 6 years ago
corelight / zeek-community-id
View on GitHub
Zeek support for Community ID flow hashing.
☆36Jul 11, 2023Updated 2 years ago
OTRF / Security-Datasets
View on GitHub
Re-play Security Events
☆1,728Mar 20, 2024Updated 2 years ago
pevma / SEPTun
View on GitHub
Suricata Extreme Performance Tuning guide
☆213Mar 15, 2018Updated 8 years ago
appliedsec / forensicscanner
View on GitHub
Forensic Scanner
☆41Nov 29, 2012Updated 13 years ago
sbousseaden / PCAP-ATTACK
View on GitHub
PCAP Samples for Different Post Exploitation Techniques
☆368Apr 29, 2021Updated 4 years ago