Search Results for "network analysis"
Sort By:
Showing 38 open source projects for "network analysis"
View related business solutions-
Ship Agents FasterGemini Enterprise Agent Platform lets you rapidly build, scale, govern and optimize production-ready agents grounded in your organization's data. The platform enables developers to build custom or pre-built agents for virtually any use case. New customers get $300 in free credits.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
SSHGuard
Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf. -
2
Tranalyzer
Tranalyzer flow generator packet analyzer moved to: tranalyzer.com
The Anteater moves to a new site, available under tranalyzer.com. This tool generates extended netflow-like flow/packet statistics from large pcap files or ethernet interfaces. It is intended to serve as a tool for IT troubleshooting, encrypted traffic mining, AI preprocessing and forensic analysis. A packet based "tshark mode" for detailed header and content inspection is improved for troubleshooting and security purposes. Flow based and packet based content inspection and extraction,... -
3
Snare Lite (SIEM & Logging Software)
Snare Enterprise: bit.ly/Snare-Trial
ATTENTION: Snare Lite is unsupported legacy software. While it will remain a part of the SourceForge community, it is no longer secure and compliant. For up to date Snare software check out Snare Enterprise. https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM... -
4
Xplico
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. -
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
5
CapAnalysis
PCAP from another point of view
CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic. Analyze TCP and UDP streams Support multible datasets Perform deep packet inspection Support filtering capability Source Code: https://github.com/xplico/CapAnalysis -
6
pcaprunner
Analizes PCAP files and gives statistics about IP packets.
PCAPRUNNER runs through PCAP files and statistically analyzes IP packets. Other packets are ignored. Adresses, ports, oldest timestamp, youngest timestamp (first seen / last seen), the quantity of packets and the sum of the packet volumes (as given in the PCAP file as orig_len) are listed. PCAPRUNNER uses only the C standard library, no LIBPCAP. -
7
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich... -
8
VirusTrap
Online Multi-Engine Antivirus Scanner
VirusTrap is an open source framework for penetration testers, network auditors, system administrators who need to analyze unknown binaries during their work. The scanner was made to help computer users identifying malicious files by scanning them with 25 antivirus engines. -
9
Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. Development has been moved to GitHub, https://github.com/Ettercap/ettercap
-
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
10
Honeybrid is a network application built to 1) administrate network of honeypots, and 2) transparently redirect live network sessions (TCP or UDP) from one primary destination host to a secondary destination host.
-
11
Vortex is a near real time IDS and network surveillance engine for TCP stream data. Vortex decouples packet capture, stream reassembly, and real time constraints from analysis. Vortex is used to provide TCP stream data to a separate analyzer program.
-
12
The System for Modular Analysis and Continuous Queries (SMACQ) is a modular platform for analyzing and querying large datasets, including streaming network data, using features from databases, UNIX pipelines, and modular intrusion detection systems.
-
13
JMassLogProcess is an next generation SIEM solution, based on high performance syslog and snmp trap collector(up to 20,000 logs/s),Distributed File System(Hadoop),Complex Event Processing Engine and ZK …….
-
14
Ourmon is a network monitoring and anomaly detection system and displays the data for multiple BPF expressions via RRDTOOL-based graphs. It also helps the user identify various kinds of network anomalies using various flow analysis tools and logging.
-
15
-
16
Logdigest mails interesting lines from log files to the system administrator. Non-relevant lines are filtered out by customizable regular expressions. Logdigest comes with a set of such regexps to provide a good starting point.
-
17
The kernel network stack may behave not as expected, especially in the case of receiving packets. With Ianus it is possible to bypass the kernel network stack and to develop your own network stack in user space or other tools.
-
18
SecurityFusion is an open source network intrusion detection and prevention system based in Hogwash, capable of performing real-time traffic analysis and packet logging on IP networks.
-
19
This project is an attempt to redesign the snort database schema and to provide a new analysis frontend and associated tools.
-
20
Nuhe is a log monitoring system, which is capable of alarm generation and action when rules are matched against log(s) activity.
-
21
Honeytrap is a network security tool written to observe attacks against network services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and uses plugins for automated analysis.
-
22
Cnc's IP Data Volume Report
Logs IP to IP contact, number of packets, bytes.
Cnc's IP Data Volume Report: Logs IP to IP contact, number of packets, bytes, time of contact, Ethernet too! View via local web interface. Very simple for those who want to view who your computer is contacting the most! -
23
Security Analyst Network Connection Profiler [sancp] is a network security tool designed to create connection logs and record network traffic for the purpose of auditing, historical analysis, and network activity discovery.
-
24
vSentinel is a customizable 3D mapping of your network monitoring or security data for real-time or trend-based attack and anomaly detection and analysis.
-
25
Bruteblock allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attacker's IP into IPFW table effectively blocking them. Addresses are removed from the table after expiration period
