Awesome List Updates on Dec 08, 2015
11 awesome lists updated today.
1. Awesome Computer Vision
Visual Tracking / Nearest Neighbor Field Estimation
2. Awesome Bitcoin
Open Source Wallets
3. Awesome Stock Resources
Icons / Icon Fonts
- Iconfinder - Iconfinder provides beautiful icons to millions of designers and developers. Most icons are available under attribution. See individual licenses for more details.
4. Awesome Elixir
- distance_api_matrix (⭐29) - Provide distance and heading calculations via Google distance matrix api.
5. Awesome Security
Other Awesome Lists / Other Security Awesome Lists
- Awesome Incident Response (⭐6.2k) - A curated list of resources for incident response.
6. Awesome Rxjava
- RxTuples (⭐113) - Simple tuples to use with RxJava.
7. Awesome Salesforce
Table of Contents / Plugins for Salesforce
- ApexMate (⭐23) - Apex Plugin for TextMate.
- Force.com CLI - Command-line interface to Force.com.
8. Awesome Relay
- Official Docs - Official Relay documentation.
- Getting Started with Relay - One of the few detailed walkthroughs of hands-on Relay.
- React Data Fetching with Relay - Clear conceptual overview of Relay's moving parts and magic.
Lists of Lists
- GraphiQL (⭐14k) - A library to introspect GraphQL, test queries and mutations.
- GraphiQL App (⭐2.9k) - A standalone app for viewing GraphQL, introspection docs, and testing queries/mutations. Invaluable for debugging your Relay app.
- Relay Starter Kit (⭐1k) - An app that is already set up with a basic setup. Just clone and tweak to suit your needs!
9. Awesome Pcaptools
- clj-net-pcap (⭐62): clj-net-pcap is a packet capturing library for Clojure. clj-net-pcap uses jNetPcap and adds convenience functionality around jNetPcap for easing the usability. A paper on clj-net-pcap was published in scope of COMPSACW 2014.
- Yaf: It's a reliable piece of software, quite solid and able to generate flow records from pcap. This is very nice for indexing huge pcap or even doing packet capture. The recent version can even extract payloads and put in the flow records.
- AIEngine: is a next generation interactive/programmable packet inspection engine with capabilities of learning without any human intervention, NIDS functionality, DNS domain classification, network collector and many others. AIEngine also helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
- HttpSniffer (⭐171): A multi-threading tool to sniff TCP flow statistics and embedded HTTP headers from PCAP file. Each TCP flow carrying HTTP is exported to text file in JSON format.
- Libnids: designed by Rafal Wojtczuk, is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were conducted, which proved that libnids predicts behaviour of protected Linux hosts as closely as possible.
- NetDude: (NETwork DUmp data Displayer and Editor). From their webpage, "it is a GUI-based tool that allows you to make detailed changes to packets in tcpdump tracefiles."
- Ntop: Ntop is a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform and on Win32 as well.
- Pcap2har (⭐220): A program to convert .pcap network capture files to HTTP Archive files using library dpkt.
- pkt2flow (⭐138): A simple utility to classify packets into flows. It's so simple that only one task is aimed to finish. For Deep Packet Inspection or flow classification, it's so common to analyze the feature of one specific flow. I have made the attempt to use ready-made tools like tcpflows, tcpslice, tcpsplit, but all these tools try to either decrease the trace volume (under requirement) or reassemble the packets into flow payloads (over requirement). I have not found a simple tool to classify the packets into flows without further processing.
- Scapy: Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, ...), etc.
- Sniff: Makes output from the tcpdump program easier to read and parse.
- TCP-Reduce: TCP-Reduce is a collection of Bourne shell scripts for reducing tcpdump traces to one-line summaries of each TCP connection present in the trace. The scripts look only at TCP SYN/FIN/RST packets. Connections without SYN packets in the trace (such as those ongoing at the beginning of the trace) will not appear in the summary. Garbaged packets (those missing some of their contents) are reported to stderr as bogon's and are discarded. Occasionally the script gets fooled by retransmissions with altered sequence numbers, and reports erroneous huge connection sizes - always check large connections (say 100 MB or more) for plausibility.
- Tcpdpriv: Tcpdpriv is a program for eliminating confidential information (user data and addresses) from packets collected on a network interface (or from trace files created using the -w argument to tcpdump). Tcpdpriv removes the payload of TCP and UDP, and the entire IP payload for other protocols. It implements several address scrambling methods: the sequential numbering method and its variants, and a hash method that preserves the address prefix.
- Tcplook: Tracelook is a Tcl/TK program for graphically viewing the contents of trace files created using the -w argument to tcpdump. Tracelook should look at all protocols, but presently only looks at TCP connections. The program is slow and uses system resources prodigiously.
- TraceWrangler: TraceWrangler is a network capture file toolkit running on Windows (or on Linux, using WINE) that supports PCAP as well as the new PCAPng file format, which is now the standard file format used by Wireshark. The most prominent use case for TraceWrangler is the easy sanitization and anonymization of PCAP and PCAPng files (sometimes called "trace files", "capture files" or "packet captures"), removing or replacing sensitive data while being easy to use.
- Tstat: A passive sniffer able to provide several insights on the traffic patterns at both the network and transport levels with a tremendous set of flow features.
- Xplot: The program xplot was written in the late 1980s to support the analysis of TCP packet traces.
- Tcpick: is a libpcap-based textmode sniffer that can track, reassemble and reorder TCP streams. Tcpick is able to save the captured flows in different files or display them in the terminal, and so it is useful to sniff files that are transmitted via FTP or HTTP. It can display the whole stream on the terminal when the connection is closed, in different display modes like hexdump, hexdump + ascii, only printable characters, raw mode and so on.
- Tcpxtract: is a tool for extracting files from network traffic based on file signatures. Extracting files based on file type headers and footers (sometimes called "carving") is an age-old data recovery technique.
- Xplico: The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn't a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT). Xplico is released under the GNU General Public License and with some scripts under Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) License.
Related Projects / Analysis
- Haka: An open source security-oriented language that allows describing protocols and applying security policies on (live) captured traffic. The scope of the Haka language is twofold. First, it allows writing security rules in order to filter/alter/drop unwanted packets and log and report malicious activities. Second, Haka features a grammar for specifying network protocols and their underlying state machine.
- RIPE-NCC Hadoop for PCAP (⭐202): A Hadoop library to read packet capture (PCAP) files. Bundles the code used to read PCAPs. Can be used within MapReduce jobs to natively read PCAP files. Also features a Hive Serializer/Deserializer (SerDe) to query PCAPs using SQL like commands.
10. Awesome Dotnet
- AsyncPoco (⭐127) - A long-"awaited" fully asynchronous PetaPoco fork
- NPoco (⭐821) - Simple microORM that maps the results of a query onto a POCO object. Based on Schotime's branch of PetaPoco
11. Awesome Bigdata
- BidMach (⭐912) - CPU and GPU-accelerated Machine Learning Library.