f18m / large-pcap-analyzerLinks
A command-line utility program that performs some simple operations on PCAP files (Wireshark/tcpdump traces) very quickly. Allows you to manipulate very large PCAP files that cannot be easily handled with other software like Wireshark (or tshark). Supports filtering encapsulated GTPu frames. Easily extendible.
☆110Updated 3 months ago
Alternatives and similar repositories for large-pcap-analyzer
Users that are interested in large-pcap-analyzer are comparing it to the libraries listed below
Sorting:
- High Speed PCAP to JSON conversion utility☆104Updated last year
- High performance Deep Packet Inspection (DPI) framework to identify L7 protocols and extract and process data and metadata from network t…☆119Updated 4 years ago
- FlowScope is an oscilloscope for your network traffic. It records all traffic continuously in a ring buffer and dumps specific flows to d…☆90Updated 6 years ago
- Ipsumdump and other programs for command-line network trace manipulation.☆38Updated last year
- Packet capture libraries benchmark☆34Updated 4 years ago
- calculate flow information from PCAP and extract tcp streams☆70Updated 11 months ago
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆91Updated last year
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23Updated 9 years ago
- DDOS Detection and Mitigation Appliance☆67Updated 8 years ago
- C Library for working with network packet traces☆162Updated last month
- SD-WAN security and insecurity☆171Updated 4 years ago
- System for network traffic analysis and anomaly detection.☆91Updated last week
- Lua script for split big PCAP file in few little PCAP's by tcp stream id.☆24Updated 7 years ago
- Tools for programmatic parsing of packet captures using Wireshark functionality☆95Updated 11 years ago
- Performs IP reassembly and strips off extraneous encapsulation (VLANs, MPLS, GRE, L2TP) in pcap files☆61Updated last year
- Plugin providing AF_XDP support for Bro.☆14Updated 4 years ago
- Snort DPDK DAQ module with multiqueue support - Primarily for Napatech NICs☆28Updated 6 years ago
- High performance time ordered PCAP merging utility☆23Updated 3 years ago
- Diff two or more PCAP files☆109Updated 3 years ago
- Tiny nDPI based deep packet inspection daemons / toolkit.☆84Updated last month
- Web PCAP storage and analytics☆184Updated 2 years ago
- Collection of "bad" packets in PCAPs that can be used for testing software☆19Updated 7 years ago
- A set of tools to transfer data over a unidirectional network link (typically a network diode).☆55Updated 8 years ago
- Network traffic classification library that requires minimal application payload☆212Updated 11 months ago
- User-friendly C Library to perform TCP streams reassembly and IPv4/6 defragmentation☆109Updated 7 years ago
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor☆78Updated last year
- CapAnalysis source code repository☆87Updated 6 years ago
- fast, extensible, versatile event router for Suricata's EVE-JSON format☆54Updated 3 months ago
- Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, can also remove IEEE 802.1Q (virtual lan) header. Works w…☆33Updated 6 years ago
- Suricata Extreme Performance Tuning guide - Mark II☆117Updated 7 years ago