Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Updated Oct 7, 2025 - Python
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Materials about Encrypted Traffic Analysis
SaaS Zero - Network Traffic Monitor: Professional network traffic monitoring and security analysis platform
A platform built for easy-to-use automated network traffic analysis
The Attacker IP Prioritizer (AIP) dynamically generates resource-friendly IPv4 blocklists from Zeek network flows.
A Python-based network traffic analyzer for PCAP files, providing insights into protocol distribution, IP communications, and potential port scanning activities.
The model leverages the strengths of both CNNs and BiLSTM networks to effectively capture spatial and temporal patterns in network traffic data. We trained and evaluated the model using a comprehensive dataset of cyber attacks. The model achieved a high accuracy of 99%.
Notes on technologies useful in applying ML to the UNSW-NB15 dataset (Draft)
This repository provides comprehensive guides, configurations, rules, and practical examples for Snort, the open-source intrusion detection system (IDS). Ideal for cybersecurity professionals and enthusiasts looking to enhance their network security skills.
Keysight NAS (IXIA) Cloud Demo Examples
OTARIS traffic analyzer
Plug into extended SecOps: Bring Google Cloud's analytics to your local network. tshark captures on-prem, GCP transforms to UDM. Scalable, event-driven, via Terraform.
Comparative network traffic analysis using public datasets (MAWI and CAIDA) — Undergraduate thesis project (UFSM 2025/1)
The "Network Packet Analyzer" project is a network packet analysis tool, helping to analyze and display information about data packets transmitted over the network.
The project is about fingerprinting operating systems using different multi-class classification algorithms.
Bypass Messenger SSL pinning on Android devices.
A real-time, AI-augmented network monitoring tool built with Python, Dash, and Scapy. It captures live packets or analyzes .pcap files, applies ML/AI-based filtering, detects port scans, triggers email alerts, and logs incidents. The interactive web dashboard visualizes protocol usage and traffic stats, supporting advanced visual filters.