PCAPPlot provides a quick visual “thumbnail” snapshot of a network packet capture (PCAP file) from the perspective of a single host/device. It generates thumbnails of four distinct properties: which external hosts the device talked to, which internal hosts it talked to, which source ports it uses, and which destination ports it talks to.
A light-weight platform built to automate network collection and analysis pipelines (and so much more!) using a flexible set of popular open source tools and technologies. Vent is Python-based, extensible, leverages Docker containers, and provides both an API and CLI.
Vent is a light-weight platform designed to simplify the tasks of configuring, building, and deploying pipelines that ingest, analyze, and display data. It leverages Docker containers to deploy popular open source tools and technologies, but it can also implement custom plugins to deploy vastly different flavors of Vent instances. Users can quickly deploy and administer their desired collection of features through Vent’s extensible Python-based CLI and API.
Cyber Reboot frequently utilizes Vent as our platform of choice when deploying Poseidon to collect and analyze network traffic, but the potential use cases are many. Simply create your plugins, provide Vent with their URL to download and install them, and drop a file in Vent’s input folder to begin processing!