86 results for “topic:network-forensics”
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.
JA4+ is a suite of network fingerprinting standards
Warning lists to inform users of MISP about potential false-positives or other information in indicators
Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.
CyberScan: Network Forensics ToolKit
Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.
Blackbook of malware domains
A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University
An intelligent traffic analysis tool designed for CTF competitions, supporting multi-protocol parsing and automated flag extraction to help solve challenges quickly.
Every TCP Proxy Is Detectable With RTT Fingerprinting
Hands-On Network Forensics by Nipun Jaswal
A FUSE module to mount captured network data
Network Forensic & Anomaly Detection System; tailored for covert channel/network steganography detection
Collection of my network covert channel tools.
The goal of this project is to help researchers/investigators export decrypted TLS content into a PCAP
The Network Traffic Analyzer is a Python script designed for capturing and analyzing network traffic, focusing primarily on DNS traffic. This tool provides users with the capability to monitor network activity in real-time and extract relevant information from captured packets.
Overview of some network tools that can be used during the network forensics (extended with some publicly available datasets)
Tor traffic analysis platform for extracting, classifying, and visualizing Tor network flows from PCAPs
Program for static analysis of pcap files and recreation of information sent
Modular ICS/OT cybersecurity toolkit for Modbus/TCP, Siemens S7Comm, and DNP3. Generates JSON/HTML reports and executive dashboards from PCAPs and safe Modbus scans. Includes sample PCAPs and ModbusPal for testing.
DuskToDawn is a stealth-focused OSINT tool that gathers web intelligence anonymously using the Tor network and IP rotation.
Designing and implementing a Packet-Based Intelligent Network Phishing Intrusion Detection System. The idea is to use machine learning to classify network packets as benign or phishing in real-time flows (for both HTTP and HTTPS) based on DNS records and domain-name features. It operates by using a pre-programmed list of known phishing threat features and their indicators of compromise (IOCs). As a signature-based INPDS, it monitors the packets traversing the network and compares them against the database of known IOCs or attack signatures to flag suspicious behaviour.
Applied SOC Analysis and Incident Response documentation covering endpoint forensics, network traffic analysis (PCAP), and detection engineering. Demonstrates analyst-level investigative methodology using Splunk, Wireshark, and Sysinternals.
Detection modules for 802.11 and Ethernet timing analysis using frame.time_epoch, clustering, and ML-based anomaly detection. Built for passive network behavior analysis.
IoT Forensics Master Thesis @PoliMi
Usable web interface to perform offline network analysis
C2 Framework Fingerprinter: identifies Cobalt Strike, Metasploit, Sliver, Havoc, Covenant, Brute Ratel from PCAP traffic using beacon analysis, URI patterns, JA3, and HTTP headers
Hunt SQL commands in PCAP
This repository contains various scripts that can be used to obtain information about IP addresses and MAC addresses.
Cybersecurity content (YouTube videos) | (1) How Web Protocol Weaknesses Enable Layer 7 DoS Attacks | (2) Deep packet inspection analyses - why the typical approach is not enough | (3) Deep Packet Inspection Analysis - Examining One Packet Killers | (4) Remcos RAT threat analysis on Windows including IEC 60870-5-104 traffic