• Stars
    star
    1,105
  • Rank 42,003 (Top 0.9 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created about 3 years ago
  • Updated 2 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

⭐ ⭐ Use ML to classify flows and packets as benign or malicious. ⭐ ⭐

Documentation GitHub license GitHub stars GitHub issues Slack

FlowMeter

FlowMeter is an experimental utility built for analysing and classifing packets by looking at packet headers.

Primary design goals:

FlowMeter aims to:

  • Classify packets and flows as benign or malicious with high true positives (TP) and low false positives (FP).
  • Use the labeled data to reduce amount of traffic requiring deeper analysis.

Additionally, Deepfence FlowMeter also categorizes packets into flows and shows a rich ensemble of flow data and statistics.

Flowmeter-flows
FlowMeter takes packets and returns file with statistics of flows.
Flowmeter-flowsClassification
Flowmeter takes packets and returns file with statistics of flows and classifies packets as benign or malicious.

When to use FLowMeter

Use FlowMeter if you wish to build and operate machine-learning models on network packet data.

Quick Start

For full instructions, refer to the FlowMeter Documentation.

FlowMeter QuickStart

Who uses FlowMeter?

  • We use FlowMeter internally to quickly analyse and label packets. It forms one part of a project to build a fast pre-filter for packets before we conduct deeper layer-7 analysis in Deepfence ThreatMapper.

Get in touch

Thank you for using FlowMeter.

  • Start with the documentation
  • Got a question, need some help? Find the Deepfence team on Slack
  • GitHub issues Got a feature request or found a bug? Raise an issue
  • productsecurity at deepfence dot io: Found a security issue? Share it in confidence
  • Find out more at deepfence.io

Security and Support

For any security-related issues in the FlowMeter project, contact productsecurity at deepfence dot io.

Please file GitHub issues as needed, and join the Deepfence Community Slack channel.

License

The Deepfence FlowMeter project (this repository) is offered under the Apache2 license.

Contributions to Deepfence FlowMeter project are similarly accepted under the Apache2 license, as per GitHub's inbound=outbound policy.

More Repositories

1

ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)
TypeScript
4,763
star
2

SecretScanner

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
Go
3,092
star
3

PacketStreamer

⭐ ⭐ Distributed tcpdump for cloud native environments ⭐ ⭐
Go
1,870
star
4

YaraHunter

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
Go
1,234
star
5

ebpfguard

Rust library for writing Linux security policies using eBPF
Rust
281
star
6

community

Deepfence Community
69
star
7

deepfence_runtime_api

Deepfence Runtime API & code samples
HTML
50
star
8

vessel

Vessel is the Go based utility that autodetects underlying Container Runtime in Kubernetes
Go
45
star
9

ThreatStryker-docs

ThreatStryker Documentation
42
star
10

package-scanner

Go
41
star
11

yara-rules

YARA
38
star
12

DocumentationWebsite

JavaScript
36
star
13

terraform-gcp-cloud-scanner

Deepfence Cloud Scanner runs in your cloud environment, gathering inventory and compliance information for the assets deployed in that environment. It submits that information to your Deepfence ThreatMapper or ThreatStryker Management Console
HCL
35
star
14

terraform-aws-cloud-scanner

Deepfence Cloud Scanner runs in your cloud environment, gathering inventory and compliance information for the assets deployed in that environment. It submits that information to your Deepfence ThreatMapper or ThreatStryker Management Console
HCL
35
star
15

helm-charts

Smarty
34
star
16

terraform-azure-cloud-scanner

Deepfence Cloud Scanner runs in your cloud environment, gathering inventory and compliance information for the assets deployed in that environment. It submits that information to your Deepfence ThreatMapper or ThreatStryker Management Console
HCL
33
star
17

CI-CD-Integrations

CI/CD plugins for image scanning, integrations with AWS ECR, Google Container Registry
HCL
32
star
18

secretscanner-docker-extension

⛴️ Docker extension for deepfence/SecretScanner 🔐
JavaScript
25
star
19

yarahunter-docker-extension

⛴️Docker extension for deepfence/YaraHunter🔎
JavaScript
24
star
20

terraform-aws-threatmapper

ThreatMapper Terraform module for AWS
HCL
24
star
21

agent-plugins-grpc

Agent plugins' gRPC definitions
Makefile
23
star
22

pcap-tools

C
22
star
23

compliance

Compliance Scripts Handler
Shell
21
star
24

apache-struts

This repository contains sample attacks that can be used to exploit vulnerabilities in the Jakarta Multipart Parser of Apache Struts
Java
20
star
25

.github

18
star
26

sock-app-canary

Shell
17
star
27

golang_deepfence_sdk

Golang deepfence SDK
Go
15
star
28

kubernetes-scanner

Kubernetes Security Posture Management
Go
14
star
29

cloud-scanner

Deepfence Cloud Scanner runs in your cloud environment, gathering inventory and compliance information for the assets deployed in that environment. It submits that information to your Deepfence ThreatMapper or ThreatStryker Management Console.
Go
4
star
30

ThreatMapperWorkshop

CNAPP Security Workshop using ThreatMapper
4
star
31

open-tracer

Open tracer that uses eBPF kernel features
Rust
3
star
32

threatmapper-python-client

ThreatMapper python client
Python
3
star
33

ebpfguard-blog-example

Sample of eBPFGuard capabilities for upcoming blogpost.
Rust
3
star
34

deepfence-playground

Deepfence's Sandbox on killercoda Platform
Shell
2
star
35

terraform-provider-deepfence

Deepfence Terraform provider
2
star
36

CommunityThreatIntel

Threat Intelligence by and for the community
1
star
37

http2viewer

HTTP2 message viewer
Go
1
star
38

match-scanner

Go
1
star