mirror of
https://github.com/sbilly/awesome-security.git
synced 2025-01-16 17:57:13 -05:00
modified Monitoring section to Monitoring / Logging section.
add Full Packet Capture / Forensic section. add more lists to Other Awesome Lists section.
parent
92ddae3fe7
commit
42bd318044
13
README.md
@ -8,12 +8,17 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
||||
|
||||
## Network
|
||||
|
||||
### Monitoring
|
||||
### Monitoring / Logging
|
||||
|
||||
* [justniffer](http://justniffer.sourceforge.net/) - Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic.
|
||||
* [httpry](http://dumpsterventures.com/jason/httpry/) - httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the traffic as it is parsed, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications.
|
||||
* [ngrep](http://ngrep.sourceforge.net/) - ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
|
||||
|
||||
### Full Packet Capture / Forensic
|
||||
|
||||
* [tcpflow](https://github.com/simsong/tcpflow) - tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis and debugging. Each TCP flow is stored in its own file. Thus, the typical TCP flow will be stored in two files, one for each direction. tcpflow can also process stored 'tcpdump' packet flows.
|
||||
* [Xplico](http://www.xplico.org/) - The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).
|
||||
|
||||
## Endpoint
|
||||
|
||||
### Android
|
||||
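Review bot: The Xplico entry added under "Full Packet Capture / Forensic" opens with an ungrammatical sentence ("The goal of Xplico is extract from an internet traffic capture the applications data contained"); suggest "The goal of Xplico is to extract the application data contained in an internet traffic capture." Renaming "### Monitoring" to "### Monitoring / Logging" also changes the heading's generated anchor, so any table of contents entry or link that points at the old heading should be updated in the same commit. The new heading would read better as "Full Packet Capture / Forensics".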
@ -22,7 +27,11 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
|
||||
|
||||
## Other Awesome Lists
|
||||
|
||||
Other amazingly awesome lists can be found in the [awesome-awesomeness](https://github.com/bayandin/awesome-awesomeness) list.
|
||||
Other amazingly awesome lists:
|
||||
|
||||
* [awesome-awesomeness](https://github.com/bayandin/awesome-awesomeness) - awsome-* or *-awesome lists.
|
||||
* [lists](https://github.com/jnv/lists) - The definitive list of (awesome) lists curated on GitHub
|
||||
|
||||
|
||||
## Contributing
|
||||
|
||||
|
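Review bot: "awsome-*" in the new awesome-awesomeness entry is a typo for "awesome-*", and the "lists" entry below it lacks the trailing period that the other entries touched by this commit end with. Suggest "awesome-* or *-awesome lists." and "The definitive list of (awesome) lists curated on GitHub." so the two new bullets match the rest of the file.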