Open Source Deep Packet Inspection Software Toolkit
-
Updated
Jun 1, 2026 - C
#
ndpi
Here are 26 public repositories matching this topic...
NFStream: a Flexible Network Data Analysis Framework.
python data-science machine-learning data-mining netflow pcap packet-analyser traffic-analysis artificial-intelligence cybersecurity network-monitoring data-analysis dataset-generation network-analysis packet-capture ndpi network-security deep-packet-inspection traffic-classification
-
Updated
Jun 17, 2026 - Python
Network Traffic Identification with Convolutional Neural Networks
python deep-learning protocol keras wireshark ieee convolutional-neural-networks publication payload network-traffic ndpi tcpflow service-labels network-traffic-identification
-
Updated
Jan 23, 2019 - Jupyter Notebook
Self-hosted PCAP analysis platform with LLM-powered incident triage, signature-based threat detection, and AI-generated incident narratives. Features network change monitoring across captures, deep packet inspection via nDPI, and automated Wireshark filter generation. Runs fully offline with local LLMs (Ollama, LM Studio).
pcap ai network-forensics incident-response dfir cybersecurity network-monitoring wireshark threat-hunting soc triage tshark ndpi pcap-analyzer packet-analysis blue-team cyber-defense protocol-analysis llm ollama
-
Updated
Jun 21, 2026 - TypeScript
GUI wrapped around anonymise label for SVS and NDPI whole slide images
-
Updated
Mar 8, 2023 - Python
A nDPI wrapper by golang based on CGO
-
Updated
Apr 10, 2023 - Go
A java application that loads 3 csv files obtained from ntopng, CICFlowmeter, and nDPI. It compares the flows statistics obtained from pcap files with CICFlowmeter and ntopng and once a match is found that flow is labeled with the Layer 7 protocol obtained with the nDPI library within ntopng. The application delivers a csv file with all the flow…
-
Updated
Jan 19, 2018 - Java
Run ntopng with Docker.
-
Updated
Dec 31, 2019 - Dockerfile
This repository contains a reproducible Docker-based testbed to evaluate the detectability of VPN traffic (baseline WireGuard) and VPN obfuscation techniques (e.g., obfs4, udp2raw) using Suricata IDS, Zeek, nDPI & tcpdump.
docker dpi suricata ids tcpdump ndpi zeek wireguard obfs4 udp2raw zeek-ids shadowsocks-rust vpn-obfuscation
-
Updated
May 4, 2026 - Jupyter Notebook
Open-source DPI plugin for FD.io VPP — classify 300+ applications (YouTube, SIP, TLS, QUIC) at line rate using nDPI
-
Updated
Apr 21, 2026 - C
Improve this page
Add a description, image, and links to the ndpi topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the ndpi topic, visit your repo's landing page and select "manage topics."