Testimony is a single-machine, multi-process architecture for sharing AF_PACKET data across processes, allowsing packets to be copied from NICs into memory a single time, then shared across multiple processes.
☆109Aug 6, 2021Updated 4 years ago
Alternatives and similar repositories for testimony
Users that are interested in testimony are comparing it to the libraries listed below
Sorting:
- Clerk is an open-source IPFIX generator using https://github.com/google/testimony for packet sniffing☆38May 3, 2018Updated 7 years ago
- ☆19Aug 30, 2021Updated 4 years ago
- Validate if afpacket PACKET_FANOUT_HASH is working properly☆25May 19, 2022Updated 3 years ago
- Dockerized Zeek☆12Mar 9, 2024Updated 2 years ago
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44May 9, 2024Updated last year
- Generate network maps from packet captures☆30Sep 15, 2019Updated 6 years ago
- ☆24Mar 29, 2020Updated 5 years ago
- The Compressed Pcap Packet Indexing Program☆30Nov 10, 2015Updated 10 years ago
- Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of…☆1,800Jul 26, 2021Updated 4 years ago
- Time-Machine Dynamic Bulk Packet Recorder☆36Apr 21, 2025Updated 10 months ago
- gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that…☆193Jul 18, 2025Updated 8 months ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- ☆19Dec 8, 2015Updated 10 years ago
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor☆80Sep 13, 2023Updated 2 years ago
- ☆14Jan 14, 2026Updated 2 months ago
- This repo aims to offer a packet flow tracer based on bpf☆13Oct 6, 2019Updated 6 years ago
- Pure rust implementation of libvirt protocol (no C bindings required) 🔥🔥🔥☆18Dec 27, 2018Updated 7 years ago
- Network timing evaluation used to detect beacons, works with argus flow as the source☆20May 4, 2016Updated 9 years ago
- Automate SSH key management☆66Oct 26, 2022Updated 3 years ago
- ☆21Oct 16, 2021Updated 4 years ago
- (OBSOLETE) Plugins for Bro☆53Sep 13, 2017Updated 8 years ago
- Native Golang implementation of the PCEP protocol☆13Jul 17, 2020Updated 5 years ago
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.☆143Mar 6, 2026Updated 2 weeks ago
- IPFIX parser package for Go☆48Aug 23, 2018Updated 7 years ago
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec…☆28Apr 18, 2018Updated 7 years ago
- Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.☆23Feb 9, 2021Updated 5 years ago
- HTTP Keyserver Protocol (HKP) handlers☆13Apr 25, 2018Updated 7 years ago
- Go implementation of the Community ID flow hashing standard☆22Apr 17, 2025Updated 11 months ago
- Dockerfiles for NSM tools☆84Apr 14, 2017Updated 8 years ago
- Miscellaneous scripts for analyzing protocols and systems☆14Jun 24, 2016Updated 9 years ago
- A RESTful API frontend for Stenographer☆54Dec 7, 2022Updated 3 years ago
- Bro analyzer that detects Google's QUIC protocol☆10Mar 2, 2021Updated 5 years ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆194Sep 23, 2024Updated last year
- ☆15Aug 9, 2016Updated 9 years ago
- Functional Network Framework for Multi-Core Architectures☆522May 2, 2019Updated 6 years ago
- etcd + exabgp☆28Jun 9, 2014Updated 11 years ago
- Dashboards and loader for ROCK NSM dashboards☆49Mar 13, 2023Updated 3 years ago
- Plugin providing native AF_Packet support for Zeek.☆33Oct 22, 2025Updated 4 months ago
- C code indexer using language semantic from clang☆60Apr 3, 2019Updated 6 years ago