jaeswift-website/api/data/awesomelist/caesar0301--awesome-pcaptools.json


{"slug": "caesar0301--awesome-pcaptools", "title": "Awesome Pcaptools", "description": "A collection of tools developed by other researchers in the Computer Science area to process network traces. All rights reserved for the original authors.", "github_url": "https://github.com/caesar0301/awesome-pcaptools", "stars": "3.3K", "tag": "Networking", "entry_count": 107, "subcategory_count": 3, "subcategories": [{"name": "Traffic Capture", "parent": "", "entries": [{"name": "Libpcap/Tcpdump", "url": "https://www.tcpdump.org/", "description": ""}, {"name": "Deepfence PacketStreamer", "url": "https://github.com/deepfence/PacketStreamer", "description": "", "stars": "1.9k"}, {"name": "Ngrep", "url": "https://github.com/jpr5/ngrep/", "description": "", "stars": "982"}, {"name": "clj-net-pcap", "url": "https://github.com/ruedigergad/clj-net-pcap", "description": "", "stars": "67"}, {"name": "jNetPcap", "url": "https://sourceforge.net/projects/jnetpcap/", "description": ""}, {"name": "Arkime", "url": "https://arkime.com/", "description": ""}, {"name": "n2disk", "url": "https://www.ntop.org/products/traffic-recording-replay/n2disk/", "description": ""}, {"name": "Netis Packet Agent", "url": "https://github.com/Netis/packet-agent", "description": "", "stars": "961"}, {"name": "OpenFPC", "url": "https://github.com/leonward/OpenFPC", "description": "", "stars": "71"}, {"name": "PCAPdroid", "url": "https://github.com/emanuele-f/PCAPdroid", "description": "", "stars": "3.4k"}, {"name": "PF_RING", "url": "https://www.ntop.org/products/packet-capture/pf_ring/", "description": ""}, {"name": "pmacct", "url": "https://github.com/pmacct/pmacct", "description": "", "stars": "1.2k"}, {"name": "softflowd", "url": "https://github.com/irino/softflowd", "description": "", "stars": "198"}, {"name": "TTT", "url": "https://www2.sonycsl.co.jp/person/kjc/kjc/software.html#ttt", "description": ""}, {"name": "Yaf", "url": "https://tools.netsa.cert.org/yaf/yaf.html", 
"description": ""}, {"name": "sharppcap", "url": "https://github.com/dotpcap/sharppcap", "description": "", "stars": "1.5k"}, {"name": "Brim", "url": "https://www.brimsecurity.com/", "description": ""}, {"name": "BruteShark", "url": "https://github.com/odedshimon/BruteShark", "description": "", "stars": "3.3k"}, {"name": "AIEngine", "url": "https://bitbucket.org/camp0/aiengine", "description": ""}, {"name": "CapAnalysis", "url": "http://www.capanalysis.net/ca/", "description": "CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic. A live web demo is [available](http://pcap.capanalysis.net/) for testing."}, {"name": "CapTipper", "url": "https://github.com/omriher/CapTipper", "description": "", "stars": "723"}, {"name": "Chopshop", "url": "https://github.com/MITRECND/chopshop", "description": "", "stars": "496"}, {"name": "CoralReef", "url": "https://www.caida.org/tools/measurement/coralreef/", "description": ""}, {"name": "DPDK", "url": "https://www.dpdk.org/", "description": ""}, {"name": "DPKT", "url": "https://github.com/kbandla/dpkt", "description": "", "stars": "1.1k"}, {"name": "ECap", "url": "https://web.archive.org/web/20170715080351/https://bitbucket.org/nathanj/ecap/wiki/Home", "description": ""}, {"name": "EtherApe", "url": "https://etherape.sourceforge.io/", "description": ""}, {"name": "Ettercap", "url": "https://github.com/Ettercap/ettercap", "description": "", "stars": "2.6k"}, {"name": "HttpSniffer", "url": "https://github.com/caesar0301/http-sniffer", "description": "", "stars": "191"}, {"name": "Ipsumdump", "url": "https://github.com/kohler/ipsumdump", "description": "", "stars": "39"}, {"name": "ITA", "url": "https://web.archive.org/web/20181016104652/http://ita.ee.lbl.gov/html/traces.html", "description": ""}, {"name": "Joy", "url": "https://github.com/cisco/joy", "description": "", "stars": "1.4k"}, {"name": "Libcrafter", "url": 
"https://github.com/pellegre/libcrafter", "description": "", "stars": "305"}, {"name": "Libnet", "url": "https://github.com/libnet/libnet", "description": "", "stars": "945"}, {"name": "Libnids", "url": "http://libnids.sourceforge.net/", "description": ""}, {"name": "Multitail", "url": "https://www.vanheusden.com/multitail/", "description": ""}, {"name": "Netsniff-ng", "url": "https://www.github.com/borkmann/netsniff-ng", "description": ""}, {"name": "NetDude", "url": "http://netdude.sourceforge.net/", "description": ""}, {"name": "Network Expect", "url": "https://www.netexpect.org/", "description": ""}, {"name": "nfdump", "url": "https://github.com/phaag/nfdump", "description": "", "stars": "873"}, {"name": "NFStream", "url": "https://github.com/nfstream/nfstream", "description": "", "stars": "1.2k"}, {"name": "Ntop", "url": "http://www.ntop.org/", "description": ""}, {"name": "Ntopng", "url": "https://www.ntop.org/products/traffic-analysis/ntop/", "description": ""}, {"name": "Ostinato", "url": "https://ostinato.org/", "description": ""}, {"name": "packemon", "url": "https://github.com/ddddddO/packemon", "description": "", "stars": "288"}, {"name": "PacketQ", "url": "https://github.com/dotse/PacketQ", "description": "", "stars": "396"}, {"name": "Pcap2har", "url": "https://github.com/andrewf/pcap2har", "description": "", "stars": "243"}, {"name": "PcapPlusPlus", "url": "https://github.com/seladb/PcapPlusPlus", "description": "", "stars": "3k"}, {"name": "pcaptoparquet", "url": "https://github.com/nokia/pcaptoparquet", "description": "", "stars": "4"}, {"name": "pkt2flow", "url": "https://github.com/caesar0301/pkt2flow", "description": "", "stars": "173"}, {"name": "potiron", "url": "https://github.com/CIRCL/potiron", "description": "", "stars": "87"}, {"name": "pyshark", "url": "https://kiminewt.github.io/pyshark/", "description": ""}, {"name": "Sanitize", "url": "https://web.archive.org/web/20190210101529/http://ita.ee.lbl.gov/html/contrib/sanitize.html", 
"description": ""}, {"name": "Scapy", "url": "http://www.secdev.org/projects/scapy/", "description": ""}, {"name": "SiLK", "url": "https://tools.netsa.cert.org/silk/", "description": ""}, {"name": "Sniff", "url": "http://www.thedumbterminal.co.uk/software/sniff.html", "description": ""}, {"name": "Snort", "url": "https://www.snort.org/", "description": ""}, {"name": "Socket Sentry", "url": "https://github.com/rhasselbaum/socket-sentry", "description": "", "stars": "4"}, {"name": "Squey", "url": "https://squey.org", "description": ""}, {"name": "Suricata", "url": "https://suricata-ids.org", "description": ""}, {"name": "TCP-Reduce", "url": "http://ita.ee.lbl.gov/html/contrib/tcp-reduce.html", "description": ""}, {"name": "Tcpdpriv", "url": "http://ita.ee.lbl.gov/html/contrib/tcpdpriv.html", "description": ""}, {"name": "Tcpflow", "url": "https://github.com/simsong/tcpflow", "description": "", "stars": "1.8k"}, {"name": "Tcplook", "url": "http://ita.ee.lbl.gov/html/contrib/tracelook.html", "description": ""}, {"name": "Tcpreplay", "url": "https://github.com/appneta/tcpreplay", "description": "", "stars": "1.3k"}, {"name": "Tcpslice", "url": "https://github.com/pyke369/tcpsplice", "description": "", "stars": "8"}, {"name": "Tcpsplit", "url": "https://github.com/pmcgleenon/tcpsplit", "description": "", "stars": "7"}, {"name": "Tcpstat", "url": "https://frenchfries.net/paul/tcpstat/", "description": ""}, {"name": "Tcptrace", "url": "https://github.com/blitz/tcptrace", "description": "", "stars": "79"}, {"name": "TraceWrangler", "url": "https://www.tracewrangler.com/", "description": ""}, {"name": "Tstat", "url": "http://tstat.tlc.polito.it/", "description": ""}, {"name": "WAND", "url": "https://research.wand.net.nz/", "description": ""}, {"name": "WinDivert", "url": "https://github.com/basil00/WinDivert", "description": "", "stars": "3k"}, {"name": "WinDump", "url": "https://www.winpcap.org/windump/", "description": ""}, {"name": "WinPcap", "url": 
"https://www.winpcap.org/", "description": ""}, {"name": "WireEdit", "url": "https://wireedit.com/", "description": ""}, {"name": "Wireshark suit", "url": "https://wiki.wireshark.org/Tools", "description": ""}, {"name": "Xplot", "url": "http://www.xplot.org/", "description": ""}, {"name": "yaraPcap", "url": "https://github.com/kevthehermit/YaraPcap", "description": "", "stars": "108"}, {"name": "yaraprocessor", "url": "https://github.com/MITRECND/yaraprocessor", "description": "", "stars": "98"}, {"name": "Zeek", "url": "https://zeek.org/", "description": ""}, {"name": "dnsgram", "url": "https://doc.powerdns.com/authoritative/manpages/dnsgram.1.html", "description": ""}, {"name": "dnsreplay", "url": "https://doc.powerdns.com/authoritative/manpages/dnsreplay.1.html", "description": ""}, {"name": "dnsscan", "url": "https://doc.powerdns.com/authoritative/manpages/dnsscan.1.html", "description": ""}, {"name": "dnsscope", "url": "https://doc.powerdns.com/authoritative/manpages/dnsscope.1.html", "description": ""}, {"name": "dnswasher", "url": "https://doc.powerdns.com/authoritative/manpages/dnswasher.1.html", "description": ""}, {"name": "Chaosreader", "url": "https://github.com/brendangregg/Chaosreader", "description": "", "stars": "233"}, {"name": "Dsniff", "url": "https://www.monkey.org/~dugsong/dsniff/", "description": ""}, {"name": "Foremost", "url": "https://github.com/jonstewart/foremost", "description": "", "stars": "53"}, {"name": "Justniffer", "url": "https://onotelli.github.io/justniffer/", "description": ""}, {"name": "NetworkMiner", "url": "https://www.netresec.com/index.ashx?page=NetworkMiner", "description": ""}, {"name": "pcapfex", "url": "https://github.com/vikwin/pcapfex", "description": "Packet CAPture Forensic Evidence eXtractor (pcapfex) is a tool that finds and extracts files from packet capture files. Its power lies in its ease of use. Just provide it a pcap file, and it will try to extract all of the files. 
It is an extensible platform, so additional file types to recognize and extract can be added easily.", "stars": "223"}, {"name": "scalpel", "url": "https://github.com/sleuthkit/scalpel", "description": "", "stars": "665"}, {"name": "Snort", "url": "https://www.snort.org/", "description": ""}, {"name": "Tcpick", "url": "http://tcpick.sourceforge.net/", "description": ""}, {"name": "Tcpxtract", "url": "http://tcpxtract.sourceforge.net/", "description": ""}, {"name": "Xplico", "url": "http://www.xplico.org/about", "description": ""}]}, {"name": "Capture tools", "parent": "USB", "entries": [{"name": "usbmon", "url": "https://www.kernel.org/doc/Documentation/usb/usbmon.txt", "description": "a subsystem of Linux kernel to capture usb packets."}, {"name": "USBPcap", "url": "https://github.com/desowin/usbpcap", "description": "a solution for Windows.", "stars": "1k"}]}, {"name": "Analysis", "parent": "USB", "entries": [{"name": "USBPcapOdinDumper", "url": "https://github.com/KOLANICH/USBPcapOdinDumper", "description": "transforms .pcap files with `usbmon` and `USBPcap` frames format of captures from flashing an Android phone with Odin or [Heimdall](https://gitlab.com/BenjaminDobell/Heimdall) into a set of files with frames payload. Useful for reverse-engineering. 
Has a modular architecture easily transformable for other applications formats.", "stars": "12"}, {"name": "BPF for Ultrix", "url": "https://www.tcpdump.org/other/bpfext42.tar.Z", "description": ""}, {"name": "BPF+", "url": "https://andrewbegel.com/papers/bpf.pdf", "description": ""}, {"name": "FFT-FGN-C", "url": "ftp://ita.ee.lbl.gov/html/contrib/fft_fgn_c.html", "description": ""}, {"name": "Haka", "url": "http://www.haka-security.org/", "description": ""}, {"name": "RIPE-NCC Hadoop for PCAP", "url": "https://github.com/RIPE-NCC/hadoop-pcap", "description": "", "stars": "210"}, {"name": "Traffic Data Repository at the WIDE Project", "url": "https://www2.sonycsl.co.jp/person/kjc/papers/freenix2000/", "description": ""}, {"name": "Usenix93 Paper on BPF", "url": "https://www.tcpdump.org/papers/bpf-usenix93.pdf", "description": ""}]}]}