SANS Institute - Moloch
From GCA ACT
Description
Moloch is an open-source, large-scale tool for full packet capture, indexing, and analysis. It is designed to easily handle multiple gigabits per second of traffic, index the full packet data, and provide search capabilities. Moloch is used extensively by many organizations, including SANS Institute, for network forensics and incident response.