Malcolm
Traffic analyzer
A network traffic analysis tool suite that accepts various data formats and provides visualization and incident response capabilities.
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
2k stars
53 watching
330 forks
Language: Python
last commit: 7 days ago
Linked from 1 awesome list
arkimecybersecurityinfosecnetwork-securitynetwork-traffic-analysisnetworksecuritynetworktrafficanalysisopensearchopensearch-dashboardspcapsecuritysuricatazeek
satta/awesome-suricataRelated projects:
| Repository | Description | Stars |
|---|---|---|
 idaholab/malcolm | A powerful tool suite for analyzing and visualizing network traffic data | 360 |
 tomchop/malcom | Analyzes network traffic to detect malware communication and behavior | 1,155 |
 michoo/pci | Analyzes network traffic to investigate packet interactions and visualize connections on a graph-based platform. | 90 |
 ch3k1/squidmagic | Analyzes web-based network traffic to detect malicious command and control servers using Squid proxy server and Spamhaus | 78 |
 chrispassas/silk | An open source package that enables easy analysis of network traffic data | 14 |
 activecm/rita | A framework for detecting malicious communication patterns in network traffic by analyzing Zeek logs. | 194 |
 srinivas11789/pcapxray | A tool to visualize network traffic and extract information from packet captures | 1,698 |
 salesforce/gquic_protocol_analyzer | An analyzer tool for parsing GQUIC traffic in network security monitors to detect anomalies and malicious activity. | 76 |
 shmohammadi86/netdecode | A tool to decode and analyze network traffic patterns | 0 |
 cisco/mercury | A tool for analyzing and extracting metadata from network packets | 444 |
 sunwxg/golibwireshark | A Go-based tool for decoding and analyzing network capture files using the libwireshark library. | 29 |
 benjeems/packetstrider | Analyzes network traffic from SSH connections to detect potential security threats and reverse sessions. | 253 |
 matthewjdenny/ccas | Provides tools for modeling and analyzing communication network data using statistical models. | 5 |
 linklayer/reversegear | Automated toolset for analyzing and decoding automotive network traffic logs | 46 |
 zeek/zeek | An in-depth network analysis framework for analyzing network traffic and security monitoring. | 6,459 |