f18m / large-pcap-analyzer
A command-line utility program that performs some simple operations on PCAP files (Wireshark/tcpdump traces) very quickly. Allows you to manipulate very large PCAP files that cannot be easily handled with other software like Wireshark (or tshark). Supports filtering encapsulated GTPu frames. Easily extendible.
☆100Updated 8 months ago
Alternatives and similar repositories for large-pcap-analyzer:
Users that are interested in large-pcap-analyzer are comparing it to the libraries listed below
- calculate flow information from PCAP and extract tcp streams☆69Updated 6 months ago
- Packet capture libraries benchmark☆34Updated 4 years ago
- FlowScope is an oscilloscope for your network traffic. It records all traffic continuously in a ring buffer and dumps specific flows to d…☆91Updated 6 years ago
- High Speed PCAP to JSON conversion utility☆102Updated 7 months ago
- High performance Deep Packet Inspection (DPI) framework to identify L7 protocols and extract and process data and metadata from network t…☆118Updated 4 years ago
- Network traffic classification library that requires minimal application payload☆211Updated 5 months ago
- Diff two or more PCAP files☆106Updated 3 years ago
- System for network traffic analysis and anomaly detection.☆89Updated 3 months ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23Updated 8 years ago
- Lua script for split big PCAP file in few little PCAP's by tcp stream id.☆24Updated 7 years ago
- Snort DPDK DAQ module with multiqueue support - Primarily for Napatech NICs☆29Updated 6 years ago
- This tool can replay a pcap capture at wire speed on several 10Gbps links.☆67Updated 4 years ago
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆86Updated 9 months ago
- Ipsumdump and other programs for command-line network trace manipulation.☆37Updated 11 months ago
- User-friendly C Library to perform TCP streams reassembly and IPv4/6 defragmentation☆108Updated 6 years ago
- Collection of "bad" packets in PCAPs that can be used for testing software☆17Updated 6 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based I…☆22Updated 6 years ago
- A simple utility to classify packets into flows. It's so simple that only one task is aimed to finish. For Deep Packet Inspection or flo…☆167Updated last year
- SD-WAN security and insecurity☆168Updated 4 years ago
- Suricata Extreme Performance Tuning guide - Mark II☆115Updated 6 years ago
- It is a platform to use multiprocess to combine dpdk and libnids together to support analyse packets in 10G port.☆38Updated 10 years ago
- DDOS Detection and Mitigation Appliance☆66Updated 7 years ago
- C Library for working with network packet traces☆158Updated 2 months ago
- Netfilter kernel module for Deep Packet Inspection filtering☆47Updated 6 years ago
- add dpdk interface and packet processing to suricata in worker mode☆63Updated 4 years ago
- Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, can also remove IEEE 802.1Q (virtual lan) header. Works w…☆32Updated 6 years ago
- High level language for describing protocol parsers.☆73Updated last month
- DPDK-Dump is able to store on disk network traffic at high speed using DPDK library.☆33Updated 9 years ago
- Packet editor using TRex scapy server☆39Updated 5 years ago