Zeek (formerly known as Bro) is a powerful free and open source framework for network traffic analysis and security monitoring.
Category: Security
Maltrail – malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists.
Hostsblock – malware-blocking cronscript
Hostsblock is a POSIX-compatible script for Linux designed to take advantage of the HOSTS file to block malware.
libredefender – antivirus program
libredefender is an antivirus program. Scanning is implemented with libclamav.
Unhide – forensic tool to find hidden processes
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, LKMs, or another hiding technique.
phpMussel – PHP-based anti-virus anti-trojan anti-malware solution
phpMussel is a PHP script designed to detect trojans, viruses, malware and other threats within files.
Linux Malware Detect – malware scanner
Linux Malware Detect (LMD) is a malware scanner that is designed around the threats faced in shared hosted environments.
ClamTk – frontend for ClamAV
ClamTk is a frontend for ClamAV (Clam Antivirus).
YARA – pattern matching swiss knife for malware researchers
YARA is a free and open source tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples.
ClamAV – antivirus engine
Clam AntiVirus is a free and open source anti-virus toolkit, designed especially for e-mail scanning on mail gateways.
Wireshark – network packet analyzer
Wireshark is a network packet analyzer. A network packet analyzer captures network packets and tries to display that packet data in as much detail as possible.
netsniff-ng – Swiss army knife for network plumbing
netsniff-ng is a performant network analyzer and networking toolkit. It’s described as the Swiss army knife for network packets.
darkstat – captures network traffic
darkstat is a network statistics gatherer. It captures network traffic on a specified interface, calculates statistics about usage, and serves reports over HTTP.
dsniff – collection of tools for network auditing and penetration testing
dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor.
ngrep – grep applied to the network layer
ngrep strives to provide most of GNU grep’s common features, applying them to the network layer. ngrep is a pcap-aware tool.
tcpdump – command-line packet analyzer
tcpdump is a common computer network debugging tool that runs under the command line. It intercepts and displays TCP/IP and other packets.
sniffit – CORBA based sniffer system
sniffIt is a Distributed Sniffer System. Capture network traffic from a unique machine using a graphical client application.
EtherApe – graphical network monitor
EtherApe is a network traffic browser. It displays network activity graphically.
Justniffer – network TCP Packet Sniffer
justniffer is a network protocol analyzer that captures network traffic and produces logs.
sniffer – alternative network traffic sniffer
sniffer is an alternative network traffic sniffer that’s designed for network troubleshooting.