Process-aware, eBPF-based tcpdump

remote network security utility in python using TCPdump and Nmap for raspberry pi.

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

Pcap editing and replay tools for *NIX and Windows - Users please download source from

Scapy: the Python-based interactive packet manipulation program & library.

Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.

FastNetMon - very fast DDoS sensor with sFlow/Netflow/IPFIX/SPAN support

go-pcap2socks functions like a router, allowing you to connect various devices such as an XBOX, PlayStation (PS4, PS5), Nintendo Switch, mobile phones, printers and others to any SOCKS5 proxy server. Additionally, you can host a SOCKS5 proxy server on the same PC to use services like a VPN or a game booster/accelerator for reduced latency

Python-based Comprehensive Network Packet Analysis Library

Documentation for Zeek

Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)

Open source security data pipelines.

HOMER - 100% Open-Source SIP, VoIP, RTC Packet Capture & Monitoring

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

A Python script for identifying and analyzing IP packets in PCAP files.

A Software Probe for network packet capturing and forwarding in Cloud/Kubernetes and Virtualized environment.

Comfortably monitor your Internet traffic 🕵️‍♂️

Ingesting, pipelining, and enhancing your DNS logs with usage indicators, security analysis, and additional metadata.