Open Source Python Network Monitoring Software

elmoCut aims to make arp spoofing easy for all users with all the hard work done under the hood. One of it's main features is to use as low CPU and RAM usage as possible while offering nearly the same results as other closed source spoofers.

Glances is an open source, cross-platform monitoring tool that aims to provide a significant amount of monitoring information through a curses or Web-based interface. Depending on the size of the user interface, this information can then dynamically adapt. Glances can work in client/server mode, and is also capable of remote monitoring. All systems statistics can be exported to files or external time/value databases. Glances gets information from your system through various libraries, and is based on an open architecture, so you can add new plugins or export modules.

The Open IPMI project aims to develop an open code base to allow access to platform information using Intelligent Platform Management Interface (IPMI).

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization

SIGAR (System Information Gatherer and Reporter) is a cross-platform, cross-language library and command-line tool for accessing operating system and hardware level information in Java, Perl and .NET.

Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids. It is based on a hierarchical design targeted at federations of clusters. Supports clusters up to 2000 nodes in size.

Python API library and shell utilities to monitor file system events. A simple program that uses watchdog to monitor directories specified as command-line arguments and logs events generated. Watchdog comes with an optional utility script called watchmedo. Please type watchmedo --help at the shell prompt to know more about this tool. You can use the shell-command subcommand to execute shell commands in response to events. watchmedo can read tricks.yaml files and execute tricks within them in response to file system events. Tricks are actually event handlers that subclass watchdog.tricks.Trick and are written by plugin authors. Trick classes are augmented with a few additional features that regular event handlers don't need. The directory containing the tricks.yaml file will be monitored. Each trick class is initialized with its corresponding keys in the tricks.yaml file as arguments and events are fed to an instance of this class as they arrive.

VNCed allows admins and teachers to monitor multiple workstations at the same time using VNC. There are a number of other VNC releated downloads available including MSI Creators/Installers for UltraVNC, Win32 version of RFBProxy and pyvnc2swf-py2exe

Zenoss provides software-defined IT operations for the world’s largest organizations. We deliver the ultimate level of IT service health with simplicity by providing the most granular and intelligent IT service modeling possible, at any scale, and sharing these unique insights with other IT operations management (ITOM) tools to make them more efficient. Zenoss Community Edition is not a “demo” or trial version of Zenoss Enterprise or Zenoss Cloud! Before You install Zenoss Community Edition, check out Zenoss Cloud, our new Saas-based platform for intelligent IT operations management, designed for enterprise hybrid IT environments. https://www.zenoss.com/product/zenoss-cloud-it-operations-management Zenoss Cloud extends your monitoring capabilities well beyond those available in our Community Edition. View the differences here: https://www.zenoss.com/get-started Features of Zenoss Cloud include:

DenyHosts is a python program that automatically blocks ssh attacks by adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins. This project is being actively developed on GitHub (https://github.com/denyhosts)

NTM Is a network traffic monitor for Linux (ubuntu, kubuntu, ecc). Characteristics: Integrate with linux NetworkManager; Autodisconnect when a threshold is reached; Day report; Console and Gui interface (gtk); Not need root privilege;

QOS is a monitoring system. It can monitor Cpu, Disk, Memory, etc. on a large number of hosts (300+). It can also monitor web sites, DNS, and other network services, and can generate reports from the collected monitor data.

Zippy Ip Scanner is a free, open-source cross-platform IP scanning application written in python.

Master/node to gather and graph "everything" on your systems using Tobi Oetiker's rrdtool. It can optionally warn your surveillance software. This software package was originally called LRRD. The project. Please see http://munin-monitoring.org/

Anti-procrastination website and application blocker with scheduling. Perfect for students and parents alike. A free and open-source alternative to Cold Turkey. Made by Dang Nam Anh, Truong Duc Quan and Trieu Tran Duc Tri.

Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used also in CapAnalysis: http://www.capanalysis.net

Nagstamon is a Nagios status monitor which resides in systray or desktop (Linux, macOS, Windows) as floating statusbar to inform you in realtime about the status of your hosts and services. It allows to connect to multiple Nagios based monitors. Currently supported are Nagios, Icinga, Opsview, Op5 Ninja, Check_MK Multisite, Centreon and Thruk.

Python SNMP Manager and Agent Protocols and APIs for use with the Twisted Matrix networking platform.

justniffer is a TCP sniffer. It reassembles and reorders packets and displays the tcp flow in a customizable way. It can log network traffic in web server log format. It can also log network services performances (e.g. web server response times) and extract http content (images, html, scripts, etc)

OSPF_SNMP_v1.0.py is an OSPF network discovery script. It allows the discovery of all OSPF network devices in the network, without connecting to each of them or knowing all their IP addresses. The user must provide the IP and SNMP community string of a single OSPF device in the network (for example, a device in the core) and the script searches for all other OSPF routers. Prior to running the script, the user should configure SNMPv2 community string on the device and also include the subnet between his PC and the router into the OSPF process, so he has IP connectivity to all other OSPF nodes. After providing necessary info and the OSPF info is gathered, the user has three choices: display the OSPF routers info on the screen, export the data to a file for Excel importing and generate the OSPF topology showing neighborships, router IDs and neighbor IPs. Tools used for coding and testing: Python 2.7.3, PySNMP, GNS3, Linux. Tested on Cisco 2621, 2691, 3660.

This is the official homepage of PyURLSnooper, a program written to help users locate the urls of audio and video files so that they can be recorded. This is a OS independent equivalent of URL Snooper from http://www.donationcoder.com/ (similar to https://sourceforge.net/projects/mediasniffer/). Can be used in combination with RTMPDump (http://rtmpdump.mplayerhq.hu/) in order to capture streams.

Moved to https://github.com/jbthomsen/WiresharkZigbeeUtility Utility enabling easy capture and monitoring of Zigbee frames in Wireshark. This simple utility program implements a named pipe between Wireshark and the Freescale MC1322x USB dongle (support for other devices can relatively easily be added).

Hosting exploit/backdoor detection daemon.It's written in python , and uses inotify (pyinotify) to monitor file system activity.It checks files smaller then some size,compares their md5sum and hex signatures against DBs with known exploits/backdoor.

Python module for the libpcap packet capture library, based on the original python libpcap module by Aaron Rhodes.

BlueLogger is built using the Python programming language in order to monitor for Bluetooth devices nearby. The application can log the "Time", "Device Name" and "Device Address" of each discovered device.