We have collection of more than 1 Million open source products ranging from Enterprise product to
small libraries in all platforms. We aggregate information from all open source repositories.
Search and find the best for your needs. Check out projects section.
TCPDump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture. It prints out a description of the contents of packets on a network interface that match the boolean expression. The Packet Capture library provides a high level interface to packet capture systems. All packets on the network, even those destined for other hosts, are accessible through this mechanism.
netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa.
Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Snort can perform protocol analysis and content searching/matching. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Packet Peeper is a network protocol analyzer (or 'packet sniffer') for Mac OS X. Its features include TCP stream reassembly, privilege separation, simultaneous capture sessions, filters, Python plugins and support for pcap capture files.
DPDK is a set of libraries and drivers for fast packet processing. It was designed to run on any processors. The first supported CPU was Intel x86 and it is now extended to IBM Power 8, EZchip TILE-Gx and ARM. These libraries can be used to receive and send packets within the minimum number of CPU cycles (usually less than 80 cycles), develop fast packet capture algorithms (tcpdump-like) and run third-party fast path stacks.
RPCAP is a Remote Packet Capture system. It provides a libpcap-compatible client library which when linked with a user program running on a client system, initiates and controls a network sniffer RPC service running on a remote host.
jpcap is a set of Java classes which provide an interface and system for network packet capture. A protocol library and tool for visualizing network traffic is included. jpcap utilizes libpcap, a widely deployed system library for packet capture.
Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive and simple web interface is provided for PCAP browsing, searching, and exporting.
Stenographer is a full-packet-capture utility for buffering packets to disk for intrusion detection and incident response purposes. It provides a high-performance implementation of NIC-to-disk packet writing, handles deleting those files as disk fills up, and provides methods for reading back specific sets of packets quickly and easily.It’s fast because it doesn’t do this. Even with the very minimal, single-pass processing of packets we do, processing ~1Gbps for indexing alone can take >75% of a single core.
The first stage of development is do write a tool to anonymize packet capture files captured with libpcap. After that we will be integrating this with tcpdump to anonymize in real-time and analyze and look for its effect on different IDS's.
Pycap provides the ability to capture packets from, and inject packets onto, network interfaces. It dissects commonly found structures in network packets such as Ethernet, IP, ARP, TCP, UDP, and ICMP headers.
The Packet Debugger allows users to work with pcap packet trace files in the same way that programmers use source code debuggers. Users can list, inspect, modify, and retransmit any packet from captured files as well as work with live packet capture.