Malcolm

Traffic analyzer

A network traffic analysis tool suite that accepts various data formats and provides visualization and incident response capabilities.

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

GitHub

2k stars
53 watching
330 forks
Language: Python
last commit: 9 days ago
Linked from 1 awesome list

arkimecybersecurityinfosecnetwork-securitynetwork-traffic-analysisnetworksecuritynetworktrafficanalysisopensearchopensearch-dashboardspcapsecuritysuricatazeek

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
idaholab/malcolm A powerful tool suite for analyzing and visualizing network traffic data 360
tomchop/malcom Analyzes network traffic to detect malware communication and behavior 1,155
michoo/pci Analyzes network traffic to investigate packet interactions and visualize connections on a graph-based platform. 90
ch3k1/squidmagic Analyzes web-based network traffic to detect malicious command and control servers using Squid proxy server and Spamhaus 78
chrispassas/silk An open source package that enables easy analysis of network traffic data 14
activecm/rita A framework for detecting malicious communication patterns in network traffic by analyzing Zeek logs. 199
srinivas11789/pcapxray A tool to visualize network traffic and extract information from packet captures 1,698
salesforce/gquic_protocol_analyzer An analyzer tool for parsing GQUIC traffic in network security monitors to detect anomalies and malicious activity. 76
shmohammadi86/netdecode A tool to decode and analyze network traffic patterns 0
cisco/mercury A tool for analyzing and extracting metadata from network packets 444
sunwxg/golibwireshark A Go-based tool for decoding and analyzing network capture files using the libwireshark library. 29
benjeems/packetstrider Analyzes network traffic from SSH connections to detect potential security threats and reverse sessions. 253
matthewjdenny/ccas Provides tools for modeling and analyzing communication network data using statistical models. 5
linklayer/reversegear Automated toolset for analyzing and decoding automotive network traffic logs 46
zeek/zeek An in-depth network analysis framework for analyzing network traffic and security monitoring. 6,473