Open Source Python Network Monitoring Software

elmoCut aims to make arp spoofing easy for all users with all the hard work done under the hood. One of it's main features is to use as low CPU and RAM usage as possible while offering nearly the same results as other closed source spoofers.

The Open IPMI project aims to develop an open code base to allow access to platform information using Intelligent Platform Management Interface (IPMI).

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization

Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids. It is based on a hierarchical design targeted at federations of clusters. Supports clusters up to 2000 nodes in size.

SIGAR (System Information Gatherer and Reporter) is a cross-platform, cross-language library and command-line tool for accessing operating system and hardware level information in Java, Perl and .NET.

DenyHosts is a python program that automatically blocks ssh attacks by adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins. This project is being actively developed on GitHub (https://github.com/denyhosts)

Zenoss provides software-defined IT operations for the world’s largest organizations. We deliver the ultimate level of IT service health with simplicity by providing the most granular and intelligent IT service modeling possible, at any scale, and sharing these unique insights with other IT operations management (ITOM) tools to make them more efficient. Zenoss Community Edition is not a “demo” or trial version of Zenoss Enterprise or Zenoss Cloud! Before You install Zenoss Community Edition, check out Zenoss Cloud, our new Saas-based platform for intelligent IT operations management, designed for enterprise hybrid IT environments. https://www.zenoss.com/product/zenoss-cloud-it-operations-management Zenoss Cloud extends your monitoring capabilities well beyond those available in our Community Edition. View the differences here: https://www.zenoss.com/get-started Features of Zenoss Cloud include:

Glances is an open source, cross-platform monitoring tool that aims to provide a significant amount of monitoring information through a curses or Web-based interface. Depending on the size of the user interface, this information can then dynamically adapt. Glances can work in client/server mode, and is also capable of remote monitoring. All systems statistics can be exported to files or external time/value databases. Glances gets information from your system through various libraries, and is based on an open architecture, so you can add new plugins or export modules.

Master/node to gather and graph "everything" on your systems using Tobi Oetiker's rrdtool. It can optionally warn your surveillance software. This software package was originally called LRRD. The project. Please see http://munin-monitoring.org/

VNCed allows admins and teachers to monitor multiple workstations at the same time using VNC. There are a number of other VNC releated downloads available including MSI Creators/Installers for UltraVNC, Win32 version of RFBProxy and pyvnc2swf-py2exe

Nagstamon is a Nagios status monitor which resides in systray or desktop (Linux, macOS, Windows) as floating statusbar to inform you in realtime about the status of your hosts and services. It allows to connect to multiple Nagios based monitors. Currently supported are Nagios, Icinga, Opsview, Op5 Ninja, Check_MK Multisite, Centreon and Thruk.

Python API library and shell utilities to monitor file system events. A simple program that uses watchdog to monitor directories specified as command-line arguments and logs events generated. Watchdog comes with an optional utility script called watchmedo. Please type watchmedo --help at the shell prompt to know more about this tool. You can use the shell-command subcommand to execute shell commands in response to events. watchmedo can read tricks.yaml files and execute tricks within them in response to file system events. Tricks are actually event handlers that subclass watchdog.tricks.Trick and are written by plugin authors. Trick classes are augmented with a few additional features that regular event handlers don't need. The directory containing the tricks.yaml file will be monitored. Each trick class is initialized with its corresponding keys in the tricks.yaml file as arguments and events are fed to an instance of this class as they arrive.

Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used also in CapAnalysis: http://www.capanalysis.net

justniffer is a TCP sniffer. It reassembles and reorders packets and displays the tcp flow in a customizable way. It can log network traffic in web server log format. It can also log network services performances (e.g. web server response times) and extract http content (images, html, scripts, etc)

NTM Is a network traffic monitor for Linux (ubuntu, kubuntu, ecc). Characteristics: Integrate with linux NetworkManager; Autodisconnect when a threshold is reached; Day report; Console and Gui interface (gtk); Not need root privilege;

SNMP v1/v2c/v3 engine and apps written in pure-Python. Project moved to GitHub: https://github.com/etingof/pysnmp

Anti-procrastination website and application blocker with scheduling. Perfect for students and parents alike. A free and open-source alternative to Cold Turkey. Made by Dang Nam Anh, Truong Duc Quan and Trieu Tran Duc Tri.

Operative Systems Suported are: Linux-ubuntu, kali-linux, backtack-linux (un-continued), freeBSD, Mac osx (un-continued) Netool its a toolkit written using 'bash, python, ruby' that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton)

Python module for the libpcap packet capture library, based on the original python libpcap module by Aaron Rhodes.

QOS is a monitoring system. It can monitor Cpu, Disk, Memory, etc. on a large number of hosts (300+). It can also monitor web sites, DNS, and other network services, and can generate reports from the collected monitor data.

Python SNMP Manager and Agent Protocols and APIs for use with the Twisted Matrix networking platform.

A pure-Python library for performing client operations using the WBEM CIM-XML protocol. Attention: This project has been moved to http://pywbem.github.io

Gerix WiFi cracker is a Backtrack program to crack WiFi. The main advantage of this program is that it has a graphical user interface. So that even newbies can easily hack a WiFi without the need of any command line knowledge.

This has a Python ICAP (Internet Content Adaptation Protocol) server and IRML parser. Using this, a web proxy can do rule-based adaptation of content before delivery to clients. Has a Python proxylet API and squid-icap-client code too.

Beta package released! Network Analyzer for lighting protocols like Art-Net, ACN, MA-Net and Compu-Net. Allows to display DMX data and discovers connected Desks