Open Source Python Network Monitoring Software

elmoCut aims to make arp spoofing easy for all users with all the hard work done under the hood. One of it's main features is to use as low CPU and RAM usage as possible while offering nearly the same results as other closed source spoofers.

Glances is an open source, cross-platform monitoring tool that aims to provide a significant amount of monitoring information through a curses or Web-based interface. Depending on the size of the user interface, this information can then dynamically adapt. Glances can work in client/server mode, and is also capable of remote monitoring. All systems statistics can be exported to files or external time/value databases. Glances gets information from your system through various libraries, and is based on an open architecture, so you can add new plugins or export modules.

The Open IPMI project aims to develop an open code base to allow access to platform information using Intelligent Platform Management Interface (IPMI).

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization

Zenoss provides software-defined IT operations for the world’s largest organizations. We deliver the ultimate level of IT service health with simplicity by providing the most granular and intelligent IT service modeling possible, at any scale, and sharing these unique insights with other IT operations management (ITOM) tools to make them more efficient. Zenoss Community Edition is not a “demo” or trial version of Zenoss Enterprise or Zenoss Cloud! Before You install Zenoss Community Edition, check out Zenoss Cloud, our new Saas-based platform for intelligent IT operations management, designed for enterprise hybrid IT environments. https://www.zenoss.com/product/zenoss-cloud-it-operations-management Zenoss Cloud extends your monitoring capabilities well beyond those available in our Community Edition. View the differences here: https://www.zenoss.com/get-started Features of Zenoss Cloud include:

SIGAR (System Information Gatherer and Reporter) is a cross-platform, cross-language library and command-line tool for accessing operating system and hardware level information in Java, Perl and .NET.

DenyHosts is a python program that automatically blocks ssh attacks by adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins. This project is being actively developed on GitHub (https://github.com/denyhosts)

Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids. It is based on a hierarchical design targeted at federations of clusters. Supports clusters up to 2000 nodes in size.

Python API library and shell utilities to monitor file system events. A simple program that uses watchdog to monitor directories specified as command-line arguments and logs events generated. Watchdog comes with an optional utility script called watchmedo. Please type watchmedo --help at the shell prompt to know more about this tool. You can use the shell-command subcommand to execute shell commands in response to events. watchmedo can read tricks.yaml files and execute tricks within them in response to file system events. Tricks are actually event handlers that subclass watchdog.tricks.Trick and are written by plugin authors. Trick classes are augmented with a few additional features that regular event handlers don't need. The directory containing the tricks.yaml file will be monitored. Each trick class is initialized with its corresponding keys in the tricks.yaml file as arguments and events are fed to an instance of this class as they arrive.

Master/node to gather and graph "everything" on your systems using Tobi Oetiker's rrdtool. It can optionally warn your surveillance software. This software package was originally called LRRD. The project. Please see http://munin-monitoring.org/

NTM Is a network traffic monitor for Linux (ubuntu, kubuntu, ecc). Characteristics: Integrate with linux NetworkManager; Autodisconnect when a threshold is reached; Day report; Console and Gui interface (gtk); Not need root privilege;

SNMP v1/v2c/v3 engine and apps written in pure-Python. Project moved to GitHub: https://github.com/etingof/pysnmp

Nagstamon is a Nagios status monitor which resides in systray or desktop (Linux, macOS, Windows) as floating statusbar to inform you in realtime about the status of your hosts and services. It allows to connect to multiple Nagios based monitors. Currently supported are Nagios, Icinga, Opsview, Op5 Ninja, Check_MK Multisite, Centreon and Thruk.

justniffer is a TCP sniffer. It reassembles and reorders packets and displays the tcp flow in a customizable way. It can log network traffic in web server log format. It can also log network services performances (e.g. web server response times) and extract http content (images, html, scripts, etc)

Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used also in CapAnalysis: http://www.capanalysis.net

VNCed allows admins and teachers to monitor multiple workstations at the same time using VNC. There are a number of other VNC releated downloads available including MSI Creators/Installers for UltraVNC, Win32 version of RFBProxy and pyvnc2swf-py2exe

Python SNMP Manager and Agent Protocols and APIs for use with the Twisted Matrix networking platform.

Zippy Ip Scanner is a free, open-source cross-platform IP scanning application written in python.

Anti-procrastination website and application blocker with scheduling. Perfect for students and parents alike. A free and open-source alternative to Cold Turkey. Made by Dang Nam Anh, Truong Duc Quan and Trieu Tran Duc Tri.

QOS is a monitoring system. It can monitor Cpu, Disk, Memory, etc. on a large number of hosts (300+). It can also monitor web sites, DNS, and other network services, and can generate reports from the collected monitor data.

Hosting exploit/backdoor detection daemon.It's written in python , and uses inotify (pyinotify) to monitor file system activity.It checks files smaller then some size,compares their md5sum and hex signatures against DBs with known exploits/backdoor.

VScan is a small, text-based, platform independent port scanner written in python, which supports multithreading and banner grabbing.

IP-ID allows simple name resolution in a local network without using DNS via the samba nmblookup program. It also integrates with XBMC to detect and add an xbox to known local hosts. A simple python program to manipulate /etc/hosts

This is the official homepage of PyURLSnooper, a program written to help users locate the urls of audio and video files so that they can be recorded. This is a OS independent equivalent of URL Snooper from http://www.donationcoder.com/ (similar to https://sourceforge.net/projects/mediasniffer/). Can be used in combination with RTMPDump (http://rtmpdump.mplayerhq.hu/) in order to capture streams.

STAT is a framework for building modular, stateful signature-based intrusion detection systems. STAT provides a means to develop sensors which operate in different domains and environments.