Moloch is a full packet capture system and network forensics platform designed for large scale network traffic recording and indexing. It functions as a distributed packet indexer that stores raw data in PCAP format for deep packet analysis and security investigations. The system distinguishes itself through a decentralized architecture that distributes capture and viewing components across multiple nodes to handle high volumes of network traffic. It utilizes a web-based management interface for browsing network sessions and provides a programmable API for exporting captured traffic and metad
SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)