Warning lists to inform users of MISP about potential false-positives or other information in indicators
-
Updated
Dec 1, 2025 - Python
#
network-forensics
Here are 18 public repositories matching this topic...
CyberScan: Network's Forensics ToolKit
opensource service-discovery network-forensics geolocation network-visualization network-analysis network-security information-gathering portscanner pcap-analyzer
-
Updated
Jan 23, 2019 - Python
Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.
docker security machine-learning automation pcap networking network-forensics sdn network-monitoring network-traffic-capture pcap-files sdn-controller network-analysis hacktoberfest software-defined-network network-traffic faucet pcap-analyzer network-traffic-classification
-
Updated
Jul 3, 2025 - Python
Hands-On Network Forensics by Nipun Jaswal
-
Updated
Jun 26, 2023 - Python
The goal of this project is to help researchers/investigaters to export the decrypted TLS content into a PCAP
-
Updated
Aug 17, 2024 - Python
Program for static analysis of pcap files and recreation of information sent
python pcap network-forensics python3 network-tools python-3 pcapng network-analysis pcap-analyzer pyshark pcap-parser
-
Updated
Jun 29, 2023 - Python
Hunt sql commands in pcap
-
Updated
Sep 5, 2025 - Python
Detection modules for 802.11 and Ethernet timing analysis using frame.time_epoch, clustering, and ML-based anomaly detection. Built for passive network behavior analysis.
python machine-learning pcap network-forensics cybersecurity probe-requests scapy unsupervised-learning anomaly-detection device-fingerprinting mac-randomization
-
Updated
Oct 19, 2025 - Python
passive device fingerprinting api for network intrustion detection
network-forensics network-analysis network-security network-intrusion-detection passive-vulnerability-scanner
-
Updated
May 4, 2018 - Python
This repository contains various scripts that can be used to obtain information about IP addresses and MAC addresses.
network-forensics cybersecurity digitial-forensics forensics-investigations forensic-tools cyber-forensics
-
Updated
Jul 23, 2024 - Python
DuskToDawn is a stealth-focused OSINT tool that gathers web intelligence anonymously using the Tor network and IP rotation.
osint network-forensics deep-web cyber espionage sigint geoint covert open-source-intelligence humint masint counterintelligence dark-web-monitoring
-
Updated
Apr 16, 2025 - Python
Z-Shark is a high-performance, CLI-first network forensics platform designed for advanced anomaly detection. Leveraging mathematical models such as Fast Fourier Transform (FFT), Shannon Entropy, and Z-Score statistical profiling, it uncovers hidden threats like C2 beaconing, DGA, and low-and-slow DDoS attacks in PCAP traffic.
python cli network-forensics traffic-analysis cybersecurity intrusion-detection threat-hunting anomaly-detection packet-analysis z-score automated-reporting pcap-processing shnnon-entropy
-
Updated
Nov 19, 2025 - Python
Filter background traffic from capture files
-
Updated
Apr 20, 2024 - Python
This project leverages Software-Defined Networking (SDN) principles to monitor, detect, and respond to network traffic anomalies in real-time.
python flask networking analysis network-forensics chartjs sdn wireshark scapy sdn-controller network-analysis software-defined-network sdn-network mininet anomaly-detection mininet-topology network-logs real-time-detection
-
Updated
Jan 8, 2025 - Python
An advanced, security-focused network traffic analysis tool designed for system administrators, cybersecurity professionals, and network engineers. The xsukax PCAP Analyzer provides comprehensive insights into network behavior while maintaining strong privacy protections and offering advanced threat detection capabilities.
network-forensics forensics cybersecurity network-monitoring wireshark scapy network-analysis network-traffic network-security system-administration security-tools pcap-analyzer packet-analysis threat-detection dns-analysis network-visibility enterprise-security protocol-analysis dns-security network-behavioral-analysis
-
Updated
Sep 12, 2025 - Python
A novel DFIR framework developed using the Django, a web framework of Python, integrated directly with the ONOS controller via REST APIs. The framework enables real-time flow monitoring, entropy-based anomaly detection, and evidence extraction through a centralized dashboard interface.
-
Updated
Jul 9, 2025 - Python
-
Updated
Mar 31, 2019 - Python
IP Address Investigation and WHOIS Intelligence
dns networking network-forensics whois ip-address cybersecurity penetration-testing intrusion-detection network-monitoring network-analysis tcp-ip firewalls vulnerability-assessment ethical-hacking network-security port-scanning subnetting packet-analysis network-infrastructure ip-scanning
-
Updated
Sep 1, 2025 - Python
Improve this page
Add a description, image, and links to the network-forensics topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the network-forensics topic, visit your repo's landing page and select "manage topics."