ssallys / p3
An open source pcap packet and NetFlow file analysis tool using Hadoop MapReduce and Hive.
☆43Updated 11 years ago
Alternatives and similar repositories for p3:
Users that are interested in p3 are comparing it to the libraries listed below
- Hadoop library to read packet capture (PCAP) files☆210Updated last year
- Packetpig - Open Source Big Data Security Analytics☆298Updated 6 years ago
- User interface for OpenSOC☆100Updated 9 years ago
- Ipython notebook that illustrates effectiveness of machine learning algorithms in anomaly detection of netflow data (inbound/outbound DDo…☆78Updated 8 years ago
- Extensible set of Storm topologies and topology attributes for streaming, enriching, indexing, and storing telemetry in Hadoop.☆132Updated last year
- calculate flow information from PCAP and extract tcp streams☆69Updated 9 months ago
- Apache Metron☆59Updated 4 years ago
- Extending OVS with DPI functionalities☆16Updated 9 years ago
- (OBSOLETE) Plugins for Bro☆53Updated 7 years ago
- Flow-Indexer indexes flows found in chunked log files from bro,nfdump,syslog, or pcap files☆44Updated last year
- Time-Machine Dynamic Bulk Packet Recorder☆36Updated 2 weeks ago
- BGP Hijack Detection☆111Updated 7 years ago
- Bro-IDS scripts☆50Updated 8 years ago
- Hogzilla is an Intrusion Detection System (IDS) supported by Snort, Apache Spark, HBase and libnDPI, which provides Network Anomaly Detec…☆28Updated 7 years ago
- Lightweight DNS telemetry☆54Updated 3 years ago
- Flow-based SSH intrusion detection system (NfSen plugin)☆41Updated 9 years ago
- Hakabana monitoring tool using Haka, ElastcSearch and Kibana☆20Updated 10 years ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆23Updated 9 years ago
- The stratosphere testing framework is mean to help in the researching and verification of the behavioral models used by the Stratoshpere …☆50Updated 7 years ago
- Vagrantfile and scripts for building a disposable OpenSOC Cluster☆29Updated 8 years ago
- Connectors for the Zeek NetControl framework☆19Updated 3 months ago
- Expandable Defensive Cyber Operations Platform☆43Updated 2 years ago
- Rule sets for Sagan☆103Updated 4 years ago
- vagrant multi-machine: Moloch, Bro,Suricata,ElasticSearch,Kibana☆41Updated 10 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- DDOS Detection and Mitigation Appliance☆67Updated 8 years ago
- Web service for scanning pcaps with snort☆109Updated 6 years ago
- Reassembles UDP/TCP packets into application layer messages.☆42Updated 7 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Python client for the whois.cymru.com service☆44Updated 8 years ago