network-forensics
There are 7 repositories under network-forensics topic.
seladb / PcapPlusPlus
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.
Language:C++ 2652- Language:Rust 812
MISP / misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
Language:Python 502- Language:Python 420
faucetsdn / poseidon
Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.
Language:Python 417fkie-cad / friTap
The goal of this project is to help researchers to analyze traffic encapsulated in SSL or TLS.
Language:JavaScript 254asiamina / A-Course-on-Digital-Forensics
A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University
Language:Rich Text Format 170nipunjaswal / networkforensics
Hands-On Network Forensics by Nipun Jaswal
Language:Python 38- Language:C++ 35
cdpxe / nefias
Network Forensic & Anomaly Detection System; tailored for covert channel/network steganography detection
Language:Shell 27Some network covert channel projects of my own research, containing a protocol channel tool (protocol switching covert channel, PCT/PSCC), a protocol hopping covert channel (PHCC) tool, the protocol channel-aware active warden (PCAW) and ... VSTT.
covert-channelsteganographysecret-sharinginformation-hidinginformation-securityscientific-softwarenetwork-securityprotocol-channelsprotocol-hoppingprotocol-switching-covert-channelsprotocol-hopping-covert-channelsinfosecnetwork-forensicsnetwork-traffic-generatornetwork-sciencenetwork-analysisnetwork-steganographyactivewardenstegoLanguage:C 11MartinaZembjakova / Network-forensic-tools-taxonomy
Overview of some network tools that can be used during the network forensics (extended with some publicly available datasets)
Language:HTML 7The goal of this project is to help researchers/investigaters to export the decrypted TLS content into a PCAP
Language:Python 6- bustaPcap
abaker2010 / bustaPcap
Program for static analysis of pcap files and recreation of information sent
Language:Python 5 Khaoulahidaawi / NIPDS
Designing and implementing a Packet-Based Intelligent Network phishing Intrusion Detection system. The idea of the design is to use machine learning to classify Network packets to benign and phishing in real-time flow (for both http/https protocol) based on DNS records and domain name features. It operates by using a pre-programmed list of known phishing threat features and their indicators of compromise (IOCs). As a signature based INPDS it will monitor the packets traversing the network, it compares these packets to the database of known IOCs or attack signatures to flag any suspicious behavior.
Language:Jupyter Notebook 4farazulhoda / network-traffic-analysis
The Network Traffic Analyzer is a Python script designed for capturing and analyzing network traffic, focusing primarily on DNS traffic. This tool provides users with the capability to monitor network activity in real-time and extract relevant information from captured packets.
Language:HTML 3denverskylines / p0f-api-legacy
passive device fingerprinting api for network intrustion detection
Language:Python 2MikeHorn-git / PsqlHunter
Hunt sql commands in pcap.
Language:Python 2- Language:Jupyter Notebook 2
shivnshu / network-forensics-framework
Usable web interface to perform offline network analysis
Language:JavaScript 2axmahr / PcapCleaner
Filter background traffic from capture files
Language:Python 1B4K35 / SIT327-Network-Forensics-Lab
This repository was designed to help streamline the process of completing the Deakin unit SIT327 Network Forensics.
Language:Shell 1johnbumgarner / forensics_tools
This repository contains various scripts that can be used to obtain information about IP addresses and MAC addresses.
Language:Python 1lucadibello / wiremap-public
🛰️ A sophisticated network mapper and analyser
0MichalSoltysikSOC / Cybersecurity-content-videos
Cybersecurity content (YouTube videos) | (1) Deep packet inspection analyses - why the typical approach is not enough | (2) Deep Packet Inspection Analysis - Examining One Packet Killers | (3) Remcos RAT threat analysis on Windows including IEC 60870-5-104 traffic
0Baniur / baniur.github.io
Write-ups for CTF-like, CyberSec training platforms (BTLO, CyberDefenders) | Repository of forensic artifacts which are useful in real world and CTF investigations
bolisettynihith / Intro-Network-Forensics-challenges
Contains beginner-level network forensics challenges from various CTFs.
computerforensicslab / honeypots
NETWORK FORENSICS: 25 different honeypots in a single pypi package! (dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, socks5, ssh, telnet, vnc, mssql, elastic, ldap, ntp, memcache, snmp, oracle, sip and irc)
Language:Pythongithubfoam / moloch-sandbox
network security monitoring visibility , ELK, CTI, DFIR
Language:Shelltshark network forensics ubuntu windows
Language:Shell- Language:Python
