Network Forensics

15 projects

Showing 15 of 15 projects

MolochC

An open-source, large-scale network packet capture, indexing, and analysis system for security and network monitoring.

#pcap#network-forensics#pcap-indexing

Stars7.4k

Forks1.2k

Last commit3 days ago

ArkimeC

An open-source, large-scale network packet capture, indexing, and analysis system with a web interface.

#pcap#network-forensics#pcap-indexing

Stars7.4k

Forks1.2k

Last commit3 days ago

DshellPython

An extensible Python framework for network forensic analysis through plugin-based dissection of packet captures.

#network-forensics#traffic-inspection#protocol-analysis

Stars5.5k

Forks1.1k

Last commit2 years ago

Awesome PCAP Tools

A curated list of open-source tools for capturing, analyzing, and processing network packet captures (PCAP files).

#pcap-tools#open-source#network-forensics

Stars3.4k

Forks473

Last commit9 months ago

BruteSharkC#

A Network Forensic Analysis Tool (NFAT) for deep inspection of PCAP files and live traffic, extracting credentials, building network maps, and reconstructing sessions.

#cyber#network-mapping#session-reconstruction

Stars3.4k

Forks355

Last commit3 years ago

JA4+Rust

A suite of network fingerprinting standards for TLS, TCP, HTTP, SSH, and other protocols to facilitate threat detection and security analysis.

#ja3-fingerprint#traffic-analysis#ja4-fingerprint

Stars2.0k

Forks171

Last commit5 days ago

tcpflowC++

A TCP/IP packet demultiplexer that captures and reconstructs TCP connections into separate files for protocol analysis and forensics.

#digital-forensics#traffic-analysis#libpcap

Stars1.8k

Forks243

Last commit4 months ago

ngrepC

A PCAP-based network packet analyzer that applies grep-like pattern matching to packet payloads across multiple protocols.

#traffic-analysis#command-line-tools#pcap

Stars1.0k

Forks106

Last commit4 months ago

CapTipperPython

A Python tool to analyze, explore, and revive malicious HTTP traffic from PCAP files for security research.

#digital-forensics#python-tool#network-forensics

Stars723

Forks161

Last commit3 years ago

HASSHPython

A network fingerprinting standard that identifies SSH client and server implementations via MD5 hashes of algorithm sets.

#network-forensics#iot-security#ssh-fingerprinting

Stars550

Forks75

Last commit1 year ago

friTapJavaScript

A tool for real-time SSL/TLS key extraction and traffic decryption to simplify encrypted network analysis for security researchers.

#digital-forensics#android-https-capture#pcap

Stars511

Forks46

Last commit5 days ago

chopshopPython

A Python framework for creating protocol decoders and detectors to analyze APT tradecraft in network traffic.

#network-forensics#security-analysis#mitre-framework

Stars496

Forks111

Last commit3 years ago

Chaosreader

A Perl tool that extracts and reassembles application sessions and files from network packet captures for analysis and replay.

#traffic-analysis#network-forensics#tcpdump

Stars239

Forks50

Last commit4 years ago

joincapGo

A command-line tool that merges multiple pcap files while gracefully handling corrupt or malformed input.

#packet-processing#data-merging#pcap

Stars220

Forks24

Last commit1 year ago

dorothy2Ruby

A Ruby framework for automated malware and botnet analysis using sandboxed virtual machines and network traffic dissection.

#network-forensics#couchdb#botnet-analysis

Stars195

Forks33

Last commit2 years ago

Related Tags

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub