johnbumgarner / pyshark_usage_overview
This repository contains usage documentation for the Python module PyShark. It also provides various Python methods for processing, filtering and analyzing packet data using PyShark.
☆41 · Updated 4 months ago
Related projects
Alternatives and complementary repositories for pyshark_usage_overview
- Pure Python parser for Snort/Suricata rules. ☆27 · Updated 8 months ago
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic ☆38 · Updated 3 months ago
- A Python library to extract TCP sessions from PCAPs. ☆22 · Updated 4 years ago
- Python-based CLI for MalwareBazaar ☆36 · Updated 3 weeks ago
- A CALDERA Plugin Template ☆15 · Updated 6 months ago
- Suricata rule and intel index ☆29 · Updated last month
- Collection of Snort 2/3 rules. ☆32 · Updated 6 years ago
- Packet captures of malicious traffic for analysis using Wireshark ☆54 · Updated last year
- A curated dataset of malware and benign Windows executable samples for malware researchers ☆39 · Updated last month
- tshark + ELK analytics virtual machine ☆66 · Updated 2 years ago
- A tool to automatically decode and translate any TCP hex payload data from any language to English. ☆17 · Updated 2 years ago
- Linux-based vulnerability (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma ☆20 · Updated 11 months ago
- File analysis and management framework. ☆72 · Updated last year
- VolMemLyzer (Volatility Memory Analyzer) is a feature extraction module which uses Volatility plugins to extract memory features to genera… ☆30 · Updated 5 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆35 · Updated 2 years ago
- Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes ☆42 · Updated 9 months ago
- Decrypt TLS traffic from a pcap file ☆23 · Updated last year
- A Wireshark/tshark plugin for the JA3 TLS Client Fingerprinting Algorithm ☆56 · Updated last year
- Pcap-splitter allows you to split a pcap file into subsets of pcap files based on sessions, flows, IP addresses, number of bytes, number … ☆65 · Updated 5 years ago
- Modular malware analysis artifact collection and correlation framework ☆52 · Updated 6 months ago
- A completely automated anomaly detector for Zeek network flow files (conn.log). ☆74 · Updated 3 months ago
- Deep analysis of files (doc, pdf, exe, ...), including embedded file(s), with clamscan and YARA rules ☆49 · Updated last year
- A list of attacks or malware using steganography or information hiding ☆56 · Updated 9 months ago
- A set of PCAPs used to test the parsers used by Malcolm. Also, a curated list of PCAP collections I've found online. ☆32 · Updated this week
- Fast lookup server for NSRL and other hash databases used in digital forensics ☆41 · Updated 2 years ago