NFStream: a Flexible Network Data Analysis Framework.

DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection

PyPI "netflow" package. NetFlow v9 parser, collector and analyzer implemented in Python 3. Developed and tested with softflowd

Cyber Attack Detection thanks to Machine Learning Algorithms

(SIGCOMM '22) Practical GAN-based Synthetic IP Header Trace Generation using NetShare

A python script to send pmacct's output to ElasticSearch

Manito Networks Flow Analyzer

Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threat hunting, blue team assessments, audits, and security control assessments.

Pure Python netflow and DNS correlation, with reusable Frame Streams, DnsTap and Protobuf implementations

A configurable rule-based labeling tool for network flow files.

Automatically fetch MAC/IP address tables (ARP and IPv6 neighbors) from devices and build MAC address to BGP peer ASN mappings.

Associates netflow data with system processes and logs to syslog

lnf-tools is a set of Perl, Python libraries and C code to analyze and process large set of Netflow records.

Netflow generator from JSON to PCAP

DUPI Streaming AWS Flow Log Monitor

Tool to generate a machine learning model to detect port scans, or maybe other unwanted activity

Netflow v5 to NTOPNG reporter/converter/hack

FeNOMan is an FL-driven traffic flow classification framework

Replay netflow/sflow captured data as regular IP traffic to a network interface