MCL-edge is an integrated command-line driven workbench for large scale network analysis. It includes programs for the computation of shortest paths, diameter, clustering coefficient, betweenness centrality, and network shuffles. A module for loading and analyzing gene expression data as a network is provided. The MCL algorithm is a fast and highly scalable cluster algorithm for networks based on stochastic flow. The flow process employed by the algorithm is mathematically sound and intrinsically tied to cluster structure, which is revealed as the imprint left by the process. The threaded implementation has handled networks with millions of nodes within hours and is widely used in the fields of bioinformatics, graph clustering, and network analysis.
pyoui is a console Python program that lets you know which vendor has made an Ethernet/Bluetooth device. OUI stands for Organizationally Unique Identifier. In every electronic device that has a MAC address, the first (most weighted) 24 bits are the OUI, and they identify the vendor of that device. When you are sniffing network traffic, you may be interested in which network cards are active, or even if a MAC address is faked. This program is intended to help you with such things.
UDP Test is a simple UDP server and client bundled into a single script. It is designed to be used as a network testing tool, and it detects packet loss and corruption. UDP is a lossy network transport in that UDP packets may be dropped if there is not enough capacity to send them. UDP is typically used in real-time scenarios such as voice and video chat. udptest.rb is designed to be as simple as possible. It bounces small packets from the client to the server and back again. If the packet checksum is incorrect at any point, the script exits with an error. This type of script is designed to detect faulty hardware and errors in configuration, as well as network performance.
Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.
Qosmos NI_DUMP (“Network Intelligence Dump”) is Linux-based tool inspired by the popular tcpdump, enabling you to read, print, or save packet data related to traffic traveling over your network. Qosmos NI_DUMP is a light and versatile packet capture tool that recognizes 120 of the most commonly used protocols and applications, including SMTP, HTTP, MySQL, and NFs. This represents a small but useful sample of the full Qosmos Protocol Portfolio, comprising over 300 protocols and 4000 metadata. Unlike conventional packet dump tools, Qosmos NI_Dump can identify protocols using non-standard TCP or UDP ports, and incorporates an easy-to-use advanced filter expression language that enables users to zoom in on data of most interest to them, such as FTP transfers matching a particular filename or HTTP requests containing a particular keyword.
libsysactivity is a lightweight library that retrieves statistics of the system's activity in a portable and thread safe way. In each OS that it supports, it offers the same API for retrieving the activity of Hard disks, CPUs memory, Processes, Network interfaces, Memory, and Swaps.
Chaosmap is an information gathering tool and DNS, Whois, and Web server scanner. It can be used to look up DNS names with a dictionary with or without using a salt. Salting for DNS means it will append numbers from 1-9 to the name in the dictionary with or without a - and _ or a leading 0. Salting for Web stuff will try double slashes and some directory traversal tricks. It performs reverse DNS lookups of a whole IP range (with optional Whois lookup) and dictionary scans for hidden paths on one Web server or a range of IP addresses. Optionally you can encode a path with URL encoding use Google dict lookup mode to find the path on Google and only query the Webserver if there are no search results. It can also extract email addresses from domains using a Google search or perform a list of Google Hacking queries on your domain.