Open Source Python Network Monitoring Software

elmoCut aims to make arp spoofing easy for all users with all the hard work done under the hood. One of it's main features is to use as low CPU and RAM usage as possible while offering nearly the same results as other closed source spoofers.

Glances is an open source, cross-platform monitoring tool that aims to provide a significant amount of monitoring information through a curses or Web-based interface. Depending on the size of the user interface, this information can then dynamically adapt. Glances can work in client/server mode, and is also capable of remote monitoring. All systems statistics can be exported to files or external time/value databases. Glances gets information from your system through various libraries, and is based on an open architecture, so you can add new plugins or export modules.

The Open IPMI project aims to develop an open code base to allow access to platform information using Intelligent Platform Management Interface (IPMI).

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization

Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and Grids. It is based on a hierarchical design targeted at federations of clusters. Supports clusters up to 2000 nodes in size.

SIGAR (System Information Gatherer and Reporter) is a cross-platform, cross-language library and command-line tool for accessing operating system and hardware level information in Java, Perl and .NET.

SNMP v1/v2c/v3 engine and apps written in pure-Python. Project moved to GitHub: https://github.com/etingof/pysnmp

DenyHosts is a python program that automatically blocks ssh attacks by adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins. This project is being actively developed on GitHub (https://github.com/denyhosts)

Nagstamon is a Nagios status monitor which resides in systray or desktop (Linux, macOS, Windows) as floating statusbar to inform you in realtime about the status of your hosts and services. It allows to connect to multiple Nagios based monitors. Currently supported are Nagios, Icinga, Opsview, Op5 Ninja, Check_MK Multisite, Centreon and Thruk.

Zenoss provides software-defined IT operations for the world’s largest organizations. We deliver the ultimate level of IT service health with simplicity by providing the most granular and intelligent IT service modeling possible, at any scale, and sharing these unique insights with other IT operations management (ITOM) tools to make them more efficient. Zenoss Community Edition is not a “demo” or trial version of Zenoss Enterprise or Zenoss Cloud! Before You install Zenoss Community Edition, check out Zenoss Cloud, our new Saas-based platform for intelligent IT operations management, designed for enterprise hybrid IT environments. https://www.zenoss.com/product/zenoss-cloud-it-operations-management Zenoss Cloud extends your monitoring capabilities well beyond those available in our Community Edition. View the differences here: https://www.zenoss.com/get-started Features of Zenoss Cloud include:

Python API library and shell utilities to monitor file system events. A simple program that uses watchdog to monitor directories specified as command-line arguments and logs events generated. Watchdog comes with an optional utility script called watchmedo. Please type watchmedo --help at the shell prompt to know more about this tool. You can use the shell-command subcommand to execute shell commands in response to events. watchmedo can read tricks.yaml files and execute tricks within them in response to file system events. Tricks are actually event handlers that subclass watchdog.tricks.Trick and are written by plugin authors. Trick classes are augmented with a few additional features that regular event handlers don't need. The directory containing the tricks.yaml file will be monitored. Each trick class is initialized with its corresponding keys in the tricks.yaml file as arguments and events are fed to an instance of this class as they arrive.

howmanypeoplearearound calculates the number of people in the vicinity using the approximate number of smartphones as a proxy (since ~70% of people have smartphones nowadays). A cellphone is determined to be in proximity to the computer based on sniffing WiFi probe requests. Possible uses of howmanypeoplearearound include, monitoring foot traffic in your house with Raspberry Pis, seeing if your roommates are home, etc. There are a number of possible USB WiFi adapters that support monitor mode. Namely you want to find a USB adapter with one of the following chipsets: Atheros AR9271, Ralink RT3070, Ralink RT3572, or Ralink RT5572. You will be prompted for the WiFi adapter to use for scanning. Make sure to use an adapter that supports "monitor" mode. You can modify the scan time, designate the adapter, or modify the output using some command-line options.

VNCed allows admins and teachers to monitor multiple workstations at the same time using VNC. There are a number of other VNC releated downloads available including MSI Creators/Installers for UltraVNC, Win32 version of RFBProxy and pyvnc2swf-py2exe

Anti-procrastination website and application blocker with scheduling. Perfect for students and parents alike. A free and open-source alternative to Cold Turkey. Made by Dang Nam Anh, Truong Duc Quan and Trieu Tran Duc Tri.

Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used also in CapAnalysis: http://www.capanalysis.net

Zippy Ip Scanner is a free, open-source cross-platform IP scanning application written in python.

Python module for the libpcap packet capture library, based on the original python libpcap module by Aaron Rhodes.

Master/node to gather and graph "everything" on your systems using Tobi Oetiker's rrdtool. It can optionally warn your surveillance software. This software package was originally called LRRD. The project. Please see http://munin-monitoring.org/

NTM Is a network traffic monitor for Linux (ubuntu, kubuntu, ecc). Characteristics: Integrate with linux NetworkManager; Autodisconnect when a threshold is reached; Day report; Console and Gui interface (gtk); Not need root privilege;

justniffer is a TCP sniffer. It reassembles and reorders packets and displays the tcp flow in a customizable way. It can log network traffic in web server log format. It can also log network services performances (e.g. web server response times) and extract http content (images, html, scripts, etc)

BlueLogger is built using the Python programming language in order to monitor for Bluetooth devices nearby. The application can log the "Time", "Device Name" and "Device Address" of each discovered device.

This professional WiFi management tool allows you to view and manage detailed information about all wireless networks registered on your computer.

Network file scanner for FTP protocol

Keep track of bandwidth usage Allows Linux users to monitor their Transmit and Receive bandwidth usage with a simple text based menu, via your browser or from the command line. Some of us are unable to get "unlimited", "all that you can eat", internet packages and are left trying to stay within our Download/Upload limits, whilst paying dearly for the "privilege". Equally, we didn't have the foresight or the money to purchase an snmp managed router, so we are unable to strip the traffic information from the router itself, rather we have to rely on the logging into our ISP, to discover if we are approaching the bandwidth limit. Bandwidth logger, runs a daemon that notes how much traffic is passing through your network interface. Bandwidth logger was written to install on a system using 'systemd' but can be configured to run under 'upstart'. An upstart script "/usr/share/bandwidth/bandwidth.upstart.conf" is included but will have to installed manually for those using 'upstart'.

The Cisco Connection Analyzer will analyze a real time snap shot of your PIX/ASA connection table and tell you useful information about the conn table. It will tell you top talkers, top services..etc. Very useful in troubleshooting the firewall.