zeek / binpac
High level language for describing protocol parsers.
☆71Updated last month
Related projects: ⓘ
- User-friendly C Library to perform TCP streams reassembly and IPv4/6 defragmentation☆107Updated 6 years ago
- Packet capture libraries benchmark☆32Updated 3 years ago
- A command-line utility program that performs some simple operations on PCAP files (Wireshark/tcpdump traces) very quickly. Allows you to …☆93Updated 4 months ago
- The Compressed Pcap Packet Indexing Program☆27Updated 8 years ago
- tcp reassembly☆26Updated 2 years ago
- It is a platform to use multiprocess to combine dpdk and libnids together to support analyse packets in 10G port.☆38Updated 9 years ago
- Collection of "bad" packets in PCAPs that can be used for testing software☆17Updated 6 years ago
- A fast parser for DNS pcap data.☆70Updated 7 years ago
- calculate flow information from PCAP and extract tcp streams☆68Updated last month
- libnids☆105Updated 8 months ago
- Zeek's Messaging Library☆64Updated this week
- LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.☆288Updated last month
- FlowScope is an oscilloscope for your network traffic. It records all traffic continuously in a ring buffer and dumps specific flows to d…☆90Updated 5 years ago
- ☆20Updated 2 years ago
- Netfilter kernel module for Deep Packet Inspection filtering☆45Updated 6 years ago
- Netflow is a key component for network traffic monitoring. As high speed technologies such as 10 Gbps or 40 Gbps links are common in a ba…☆21Updated 9 years ago
- High performance Deep Packet Inspection (DPI) framework to identify L7 protocols and extract and process data and metadata from network t…☆114Updated 3 years ago
- System for network traffic analysis and anomaly detection.☆84Updated last month
- Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids of…☆53Updated 8 years ago
- DSSL library: network capture and SSL decryption toolkit☆25Updated 5 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- You can find *a lot* of libcrafter code right over here☆53Updated 7 years ago
- ☆24Updated 11 years ago
- Automatically exported from code.google.com/p/netmap-libpcap☆77Updated 2 years ago
- Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, can also remove IEEE 802.1Q (virtual lan) header. Works w…☆32Updated 5 years ago
- Example application of how to passively monitor multiple sockets on Linux.☆73Updated 6 years ago
- Rusticata: Rust parsers for Suricata (test code)☆96Updated 3 weeks ago
- Snort DPDK DAQ module with multiqueue support - Primarily for Napatech NICs☆28Updated 5 years ago
- **NOTE**: This is outdated and no longer maintained. There's a new version at https://github.com/zeek/spicy.☆40Updated 7 years ago
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆22Updated 8 years ago