The net-analyzer category contains network analysis software.
| 2ping | A bi-directional ping utility |
|---|---|
| alive | a periodic ping program |
| amap | A network scanning tool for pentesters |
| angst | an active sniffer that provides methods for aggressive sniffing on switched LANs |
| apinger | Alarm Pinger |
| argus | network Audit Record Generation and Utilization System |
| argus-clients | Clients for net-analyzer/argus |
| arp-scan | ARP scanning and fingerprinting tool |
| arp-sk | A swiss knife tool for ARP |
| arping | A utility to see if a specific IP address is taken and what MAC address owns it |
| arpoison | A utility to poison ARP caches |
| arpon | ArpON (Arp handler inspectiON) is a portable Arp handler |
| arptools | a collection of libnet and libpcap based ARP utilities |
| arpwatch | An ethernet monitor program that keeps track of ethernet/IP address pairings |
| authforce | An HTTP authentication brute forcer |
| barnyard | Fast output system for Snort |
| barnyard2 | Parser for Snort unified/unified2 files |
| bigeye | network utility dump and simple honeypot utility |
| bing | A point-to-point bandwidth measurement tool |
| bmon | interface bandwidth monitor |
| braa | Quick and dirty mass SNMP scanner |
| bsnmp | Mini-SNMP Daemon and Library |
| bwbar | The kernel.org "Current bandwidth utilization" bar |
| bwm-ng | Bandwidth Monitor NG is a small and simple console-based bandwidth monitor |
| bwmon | Simple ncurses bandwidth monitor |
| bwping | A tool to measure bandwidth and RTT between two hosts using ICMP |
| cacti | Cacti is a complete frontend to rrdtool |
| cacti-spine | Spine is a fast poller for Cacti (formerly known as Cactid) |
| calamaris | Calamaris parses the logfiles of a wide variety of Web proxy servers and generates reports |
| carl | An rsync logfile analyzer |
| cbm | Display the current traffic on all network devices |
| chaosreader | Trace TCP/UDP/... sessions and fetch application data. |
| check_mk_agent | Agent to report data to Check_MK for monitoring |
| chronograf | Monitoring, processing and alerting on time series data |
| cloudshark | Easily upload your wireshark captures to CloudShark |
| cnet | Network simulation tool |
| cryptcat | netcat clone extended with twofish encryption |
| cutter | TCP/IP Connection cutting on Linux Firewalls and Routers |
| darkstat | Network traffic analyzer with cute web interface |
| dhcp_probe | discover DHCP and BootP servers on a directly-attached Ethernet network |
| dhcpdump | DHCP Packet Analyzer/tcpdump postprocessor |
| dnsenum | A perl script to enumerate DNS from a server |
| dnstracer | Determines where a given nameserver gets its information from |
| dosdetector | Tool to analyze and detect suspicious traffic from IP and alert about it |
| driftnet | Listen to network traffic and pick out images from TCP streams observed |
| echoping | Small program to test performances of remote servers |
| egressor | tool for checking router configuration |
| etherape | A graphical network monitor for Unix modeled after etherman |
| ethloop | Local simulator for testing Linux QoS disciplines |
| ettercap | A suite for man in the middle attacks |
| fail2ban | scans log files and bans IPs that show malicious signs |
| firewalk | A tool for determining a firewall's rule set |
| flent | The FLExible Network Tester |
| flow-tools | library and programs to process reports from NetFlow data |
| flowgrind | Network performance measurement tool |
| fping | A utility to ping multiple hosts at once |
| fprobe | libpcap-based tool to collect network traffic data and emit it as NetFlow flows |
| fragroute | Testing of network intrusion detection systems, firewalls and TCP/IP stacks |
| ftester | Firewall and Intrusion Detection System testing tool |
| fwlogwatch | A packet filter and firewall log analyzer |
| gensink | A simple TCP benchmark suite |
| gnome-nettool | Graphical front-ends to various networking command-line |
| goaccess | A real-time web log analyzer and interactive viewer that runs in a terminal |
| gr-fosphor | gnuradio fosphor block (GPU spectrum display) |
| graphite-web | Enterprise scalable realtime graphing |
| greenbone-security-assistant | Greenbone Security Assistant for OpenVAS |
| gsm-receiver | GSM receiver block from the airprobe suite |
| gspoof | A simple GTK/command line TCP/IP packet generator |
| gvm-tools | A remote security scanner for Linux (OpenVAS-cli) |
| hexinject | Network packet sniffer and injector |
| hping | A ping-like TCP/IP packet assembler/analyzer |
| httping | like ping but for HTTP requests |
| hunt | tool for checking well known weaknesses in the TCP/IP protocol |
| hydra | Parallelized network login hacker |
| ibmonitor | Interactive bandwidth monitor |
| icinga | Nagios Fork - Check daemon, CGIs, docs, IDOutils |
| icinga-web | Icinga Web - new Web Interface |
| icinga2 | Distributed, general purpose, network monitoring engine |
| ifmetric | Set metrics of all IPv4 routes attached to a given network interface at once |
| ifstat | Network interface bandwidth usage, with support for snmp targets |
| ifstatus | A simple CLI program for displaying network statistics in real time |
| iftop | display bandwidth usage on an interface |
| ike-scan | A utility for finding, fingerprinting and testing IKE VPN servers |
| ipaudit | IPAudit monitors network activity on a network by host, protocol and port |
| ipband | A pcap based IP traffic and bandwidth monitor with configurable reporting and alarm abilities |
| ipcad | IP Cisco Accounting Daemon |
| ipgen | Generate list of IP addresses from a network specification |
| ipguard | Tool designed to protect LAN IP adress space by ARP spoofing |
| iplog | iplog is a TCP/IP traffic logger |
| ippl | A daemon which logs TCP/UDP/ICMP packets |
| ipsumdump | Simple TCP/IP Dump summarizer/analyzer |
| iptraf-ng | A console-based network monitoring utility |
| iptstate | IP Tables State displays states being kept by iptables in a top-like format |
| ipv6toolkit | Set of IPv6 security/trouble-shooting tools to send arbitrary IPv6-based packets |
| isic | IP Stack Integrity Checker |
| jffnms | Network Management and Monitoring System |
| jmx2munin | JMX Monitoring plugin for Munin |
| jnettop | A top like console network traffic visualiser |
| kapacitor | Monitoring, processing and alerting on time series data |
| knocker | Knocker is an easy to use security port scanner written in C |
| labrea | 'Sticky' Honeypot and IDS |
| lft | Layer Four Traceroute (LFT) and WhoB |
| lilac | Web-based configuration tool written to configure Nagios |
| linkchecker | Check websites for broken links |
| macchanger | Utility for viewing/manipulating the MAC address of network interfaces |
| masscan | Mass IP port scanner |
| mbrowse | MBrowse is a graphical MIB browser |
| metasploit | Advanced framework for developing, testing, and using vulnerability exploit code |
| mk-livestatus | Nagios/Icinga event broker that allows quick/direct access to your status data |
| monitoring-plugins | 50+ standard plugins for Icinga, Naemon, Nagios, Shinken, Sensu |
| mping | IPv4/6 round-robin multiping client |
| mrtg | A tool to monitor the traffic load on network-links |
| mrtg-ping-probe | Addon mrtg contrib for stats ping/loss packets |
| mtr | My TraceRoute, an Excellent network diagnostic tool |
| multimon-ng | a fork of multimon, decodes multiple digital transmission modes |
| munin | Munin Server Monitoring Tool |
| munin-plugins-zfs | A Munin plugin for monitoring ZFS on Linux |
| nagios | The Nagios metapackage |
| nagios-check_dnssec | check_dnssec is a set of Nagios plugins to monitor DNSSEC services |
| nagios-check_fail2ban | A nagios plugin for checking the fail2ban daemon |
| nagios-check_glsa2 | Nagios check script for GLSAs (Gentoo Linux Security Advisories) |
| nagios-check_ipmi_sensor | IPMI Sensor Monitoring Plugin for Nagios/Icinga |
| nagios-check_linux_bonding | Nagios plugin to monitor bonding status of network interfaces |
| nagios-check_logfiles | A nagios plugin for checking logfiles |
| nagios-check_mysql_health | A nagios plugin for checking MySQL server health |
| nagios-check_pidfile | A nagios plugin for checking daemons via pidfiles |
| nagios-check_rbl | Monitor whether or not a host is blacklisted |
| nagios-core | Nagios core - monitoring daemon, web GUI, and documentation |
| nagios-icinga-openvpn | A Nagios plugin to check whether an OpenVPN server is alive |
| nagios-plugin-check_lm_sensors | Nagios plugin to monitor the values of onboard sensors and disk temperatures |
| nagios-plugin-check_raid | Nagios/Icinga plugin to check current server's RAID status |
| nagios-plugins | Official plugins for Nagios |
| nagios-plugins-flameeyes | Flameeyes's custom Nagios/Icinga plugins |
| nagios-plugins-snmp | Additional Nagios plugins for monitoring SNMP capable devices |
| nagios-sap-ccms-plugin | Nagios plugin that provides an interface to SAP CCMS Infrastructure |
| nagircbot | An irc bot that alerts you to nagios changes |
| nagstamon | systray monitor for displaying realtime status of several monitoring systems |
| nagtrap | Integrated snmptt visualization addon for the Nagios monitoring system |
| namebench | DNS Benchmark Utility |
| nast | NAST - Network Analyzer Sniffer Tool |
| nbtscan | NBTscan is a program for scanning IP networks for NetBIOS name information |
| nbwmon | ncurses bandwidth monitor |
| ndoutils | Nagios addon to store Nagios data in a MySQL database |
| ndsad | Cisco netflow probe from libpcap, ULOG, tee/divert sources |
| nessus-agent-bin | A remote security scanner for Linux - agent component |
| nessus-bin | A remote security scanner for Linux |
| net-snmp | Software for generating and retrieving SNMP data |
| netcat | the network swiss army knife |
| netdata | Linux real time system monitoring, done right! |
| netdiscover | An active/passive address reconnaissance tool |
| nethogs | A small 'net top' tool, grouping bandwidth by process |
| neti | NETI@Home research project from GATech |
| netio | measures net throughput with NetBIOS and TCP/IP protocols |
| netperf | Network performance benchmark |
| netpipe | network protocol independent performance evaluator |
| netselect | Ultrafast implementation of ping |
| nettop | top like program for network activity |
| netwag | Tcl/tk interface to netwox (Toolbox of 222 utilities for testing Ethernet/IP networks) |
| netwatch | Ethernet/PPP IP Packet Monitor |
| netwox | Toolbox of 217 utilities for testing Ethernet/IP networks |
| nfdump | A set of tools to collect and process netflow data |
| ngrep | A grep for network layers |
| nikto | Web server vulnerability scanner |
| nipper | Router configuration security analysis tool |
| nload | Real time network traffic monitor for the command line interface |
| nmap | A utility for network discovery and security auditing |
| nmapsi | A Qt frontend to nmap |
| nmbscan | Scans the shares of a SMB/NetBIOS network |
| nrpe | Nagios Remote Plugin Executor |
| nsat | Network Security Analysis Tool, an application-level network security scanner |
| nsca | Nagios Service Check Acceptor |
| nstats | Displays statistics about ethernet traffic including protocol breakdown |
| ntopng | Network traffic analyzer with web interface |
| nttcp | tool to test TCP and UDP throughput |
| nuttcp | Network performance measurement tool |
| odhcploc | Open DHCP Locator |
| oinkmaster | Rule management for SNORT |
| openbsd-netcat | The OpenBSD network swiss army knife |
| openvas | A remote security scanner |
| openvas-cli | A remote security scanner for Linux (OpenVAS-cli) |
| openvas-libraries | A remote security scanner for Linux (openvas-libraries) |
| openvas-manager | A remote security manager for Linux (openvas-manager) |
| openvas-scanner | A remote security scanner for Linux (OpenVAS-scanner) |
| openvas-tools | A remote security scanner for Linux (extra tools) |
| opsgenie-lamp | command line client for the opsgenie service |
| ospd | Openvas OSP (Open Scanner Protocol) |
| ossec-hids | Open Source Host-based Intrusion Detection System |
| ostinato | A packet generator and analyzer |
| p0f | A tool to perform passive OS detection based on SYN packets |
| packit | network auditing tool that allows you to monitor, manipulate, and inject customized IPv4 traffic |
| pathload | Non-intrusive utility for estimation of available bandwidth of Internet paths |
| pbgpp | PCAP BGP Parser |
| pbnj | A tool for running Nmap scans and diff'ing the results |
| pchar | Internet bandwidth, latency, and loss of links analyzer |
| pinger | Cyclic multi ping utility for selected adresses using GTK/ncurses |
| pktstat | A network monitoring tool with bandwidth tracking |
| pmacct | A network tool to gather IP traffic information |
| pnp4nagios | A performance data analyzer for nagios |
| poink | TCP/IP-based ping implementation |
| portmon | Portmon is a network service monitoring daemon |
| portsentry | Automated port scan detector and response tool |
| prelude-correlator | Real time correlator of events received by Prelude Manager |
| prelude-lml | The prelude log analyzer |
| prelude-lml-rules | Prelude LML community ruleset |
| prettyping | Ping wrapper that produces coloured, easily readable output. |
| pypacker | Fast and simple packet creation and parsing library for Python |
| quidscor | Qualys IDS Correlation Daemon |
| raddump | RADIUS packet interpreter |
| rain | powerful tool for testing stability of hardware and software utilizing IP protocols |
| ripe-atlas-tools | The official command-line client for RIPE Atlas |
| rrdcollect | Read system statistical data and feed it to RRDtool |
| rrdtool | A system to store and display time-series data |
| rtpbreak | Analyze any RTP session through heuristics over UDP network traffic |
| sancp | collect network traffic statistics and store them in pcap format |
| sarg | Squid Analysis Report Generator |
| sbd | Netcat-clone, designed to be portable and offer strong encryption |
| scanlogd | a port scan detection tool |
| scanssh | network scanner that gathers info on SSH protocols and versions |
| scapy | A Python interactive packet manipulation program for mastering the network |
| scli | SNMP Command Line Interface |
| sec | Simple Event Correlator |
| sflowtool | sflowtool is a utility for collecting and processing sFlow data |
| sguil-client | GUI Console for sguil Network Security Monitoring |
| sguil-sensor | Sensor part of sguil Network Security Monitoring |
| sguil-server | Daemon for Sguil Network Security Monitoring |
| sinfo | A monitoring tool for networked computers |
| siphon | A portable passive network mapping suite |
| slurm | Realtime network interface monitor based on FreeBSD's pppstatus |
| smokeping | A powerful latency measurement tool |
| sngrep | Ncurses SIP Messages flow viewer |
| sniffit | Interactive Packet Sniffer |
| snmptt | SNMP Trap Translator |
| snort | The de facto standard for intrusion detection/prevention |
| snortalog | a powerful perl script that summarizes snort logs |
| snortsam | Snort plugin that allows automated blocking of IP addresses on several firewalls |
| softflowd | flow-based network traffic analyser capable of Cisco NetFlow data export |
| speedtest-cli | Command line interface for testing internet bandwidth using speedtest.net |
| sqlninja | A SQL Server injection & takeover tool |
| squid-graph | Squid logfile analyzer and traffic grapher |
| squidsites | A tool that parses Squid access log file and generates a report of the most visited sites |
| squidview | Interactive console program to analyse squid logs |
| ssldump | An SSLv3/TLS network protocol analyzer |
| sslscan | Fast SSL configuration scanner |
| sslsplit | Transparent SSL/TLS interception |
| ssmping | Tool for testing multicast connectivity |
| suricata | High performance Network IDS, IPS and Network Security Monitoring engine |
| symon | Performance and information monitoring tool |
| synscan | A fast asynchronous half-open TCP portscanner |
| syweb | Web frontend to symon |
| tcpdump | A Tool for network monitoring and data acquisition |
| tcpflow | A tool for monitoring, capturing and storing TCP connections flows |
| tcping | Ping implementation that uses the TCP protocol |
| tcpreen | TCP network re-engineering tool |
| tcpreplay | utilities for editing and replaying previously captured network traffic |
| tcpslice | Extract and concatenate portions of pcap files |
| tcpstat | Reports network interface statistics |
| tcptrace | A Tool for analyzing network packet dumps |
| tcptraceroute | tcptraceroute is a traceroute implementation using TCP packets |
| tcptrack | Passive per-connection tcp bandwidth monitor |
| telegraf | The plugin-driven server agent for collecting & reporting metrics. |
| testssl | Tool to check TLS/SSL cipher support |
| thc-ipv6 | complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6 |
| thcrut | Network discovery and fingerprinting tool |
| thrulay | Measure the capacity of a network by sending a bulk TCP stream over it |
| tleds | Blinks keyboard LEDs indicating outgoing and incoming network packets on selected network interface |
| tptest | Internet bandwidth tester |
| tracebox | A Middlebox Detection Tool |
| traceproto | A traceroute-like utility that sends packets based on protocol |
| traceroute | Utility to trace the route of IP packets |
| traceroute-nanog | Traceroute with AS lookup, TOS support, MTU discovery and other features |
| trafshow | Full screen visualization of the network traffic |
| tsung | Erlang's multi-protocol distributed load testing tool |
| ttcp | Tool to test TCP and UDP throughput |
| upnpscan | Scans the network for UPNP capable devices |
| vnstat | Console-based network traffic monitor that keeps statistics of network usage |
| wapiti | Web-application vulnerability scanner |
| webfuzzer | Poor man's web vulnerability scanner |
| wireshark | A network protocol analyzer formerly known as ethereal |
| xnetload | displays a count and a graph of the traffic over a specified network connection |
| xprobe | Active OS fingerprinting tool - this is Xprobe2 |
| yersinia | A framework for layer 2 attacks |
| zabbix | ZABBIX is software for monitoring of your applications, network and servers |
| zmap | Fast network scanner designed for Internet-wide network surveys |
| zniper | Displays and kill active TCP connections seen by the selected interface |