Big Data

hadoop-pcap – Hadoop library to read packet capture (PCAP) files. Workbench – A scalable Python framework for security research and development teams. OpenSOC – OpenSOC integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis. Apache Spot (incubating) – Apache Spot is open source […]

Scanning / Pentesting

OpenVAS – OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. Metasploit Framework – A tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research. Kali – Kali Linux is […]

Fast Packet Processing

DPDK – DPDK is a set of libraries and drivers for fast packet processing. PFQ – PFQ is a functional networking framework designed for the Linux operating system that allows efficient packet capture/transmission (10G and beyond), in-kernel functional processing and packet steering across sockets/end-points. PF_RING – PF_RING is a new type of network socket that […]

Full Packet Capture / Forensic

ngrep – ngrep is like GNU grep applied to the network layer. It’s a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, […]