network-forensics
There are 38 repositories under the network-forensics topic.
seladb/PcapPlusPlus
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.
FoxIO-LLC/ja4
JA4+ is a suite of network fingerprinting standards
MISP/misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
medbenali/CyberScan
CyberScan: Network's Forensics ToolKit
faucetsdn/poseidon
Poseidon is a Python-based application that leverages software-defined networks (SDN) to acquire network traffic and feed it to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.
fkie-cad/friTap
Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.
stamparm/blackbook
Blackbook of malware domains
asiamina/A-Course-on-Digital-Forensics
A course on "Digital Forensics" designed and offered in the Computer Science Department at Texas Tech University
nipunjaswal/networkforensics
Hands-On Network Forensics by Nipun Jaswal
fkie-cad/pcapFS
A FUSE module to mount captured network data
cdpxe/nefias
Network Forensic & Anomaly Detection System; tailored for covert channel/network steganography detection
cdpxe/NetworkCovertChannels
Some network covert channel projects of my own research, containing a protocol channel tool (protocol switching covert channel, PCT/PSCC), a protocol hopping covert channel (PHCC) tool, the protocol channel-aware active warden (PCAW) and ... VSTT.
MartinaZembjakova/Network-forensic-tools-taxonomy
Overview of some network tools that can be used during network forensics (extended with some publicly available datasets)
fkie-cad/TLExport
The goal of this project is to help researchers/investigators export decrypted TLS content into a PCAP
abaker2010/bustaPcap
Program for static analysis of pcap files and recreation of information sent
farazulhoda/network-traffic-analysis
The Network Traffic Analyzer is a Python script designed for capturing and analyzing network traffic, focusing primarily on DNS traffic. This tool provides users with the capability to monitor network activity in real-time and extract relevant information from captured packets.
Khaoulahidaawi/NIPDS
Designing and implementing a packet-based intelligent network phishing intrusion detection system. The idea of the design is to use machine learning to classify network packets as benign or phishing in real-time flow (for both HTTP and HTTPS) based on DNS records and domain name features. It operates by using a pre-programmed list of known phishing threat features and their indicators of compromise (IOCs). As a signature-based INPDS, it monitors the packets traversing the network and compares them to the database of known IOCs or attack signatures to flag any suspicious behavior.
denverskylines/p0f-api-legacy
Passive device fingerprinting API for network intrusion detection
MikeHorn-git/PsqlHunter
Hunt SQL commands in pcap
rhacrsse/AutomIoT
IoT Forensics Master Thesis @PoliMi
shivnshu/network-forensics-framework
Usable web interface to perform offline network analysis
axmahr/PcapCleaner
Filter background traffic from capture files
B4K35/SIT327-Network-Forensics-Lab
This repository was designed to help streamline the process of completing the Deakin unit SIT327 Network Forensics.
Baniur/Writeups
Write-ups for CTF-like, CyberSec training platforms (BTLO, CyberDefenders, Hack The Box Sherlocks)
johnbumgarner/forensics_tools
This repository contains various scripts that can be used to obtain information about IP addresses and MAC addresses.
MichalSoltysikSOC/Cybersecurity-content-videos
Cybersecurity content (YouTube videos) | (1) Deep packet inspection analyses - why the typical approach is not enough | (2) Deep Packet Inspection Analysis - Examining One Packet Killers | (3) Remcos RAT threat analysis on Windows including IEC 60870-5-104 traffic
Baniur/baniur.github.io
Write-ups for CTF-like, CyberSec training platforms (BTLO, CyberDefenders) | Repository of forensic artifacts which are useful in real world and CTF investigations
lucadibello/wiremap-public
🛰️ A sophisticated network mapper and analyser
53845714nF/brassfork
Fork of the brassfork tool, which formats pcap files into Gephi-readable files
bolisettynihith/Intro-Network-Forensics-challenges
Contains beginner-level network forensics challenges from various CTFs.
BraydenProckish/buffn3rd-Writeups
These are my writeups for cybersecurity platforms that will go in-depth on how I solved a challenge.
computerforensicslab/honeypots
NETWORK FORENSICS: 25 different honeypots in a single pypi package! (dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, socks5, ssh, telnet, vnc, mssql, elastic, ldap, ntp, memcache, snmp, oracle, sip and irc)
githubfoam/tshark-githubactions
tshark network forensics ubuntu
githubfoam/tshark-sandbox
tshark network forensics ubuntu windows
N4rr34n6/BitTorrent-Analysis-Tool
This PowerShell script (BitTorrent.ps1) processes a PCAPNG capture file to extract and analyze BitTorrent traffic.
N4rr34n6/Probe-Request-Capture-Tool
This PowerShell-based tool captures wireless network probe requests using TShark (the command-line version of Wireshark), processes the data in real time, and stores the results in a CSV file. The tool provides detailed insights into WLAN networks and associated MAC addresses, making it useful for network diagnostics and analysis.