{"id":26295635,"url":"https://github.com/jaromarko/nfextractor","last_synced_at":"2025-07-12T00:06:04.830Z","repository":{"id":282323499,"uuid":"948208031","full_name":"JaroMarko/nfExtractor","owner":"JaroMarko","description":"This Python code is useful for analyzing net flow exported data. It merges all .time files, resolves IPs, removes duplicates, and exports all data into a CSV file which can then be analyzed in forensics.","archived":false,"fork":false,"pushed_at":"2025-03-13T23:58:03.000Z","size":0,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-14T00:32:19.011Z","etag":null,"topics":["cybersecurity","forensics","netflow-analyzer","netflow-v5","python3"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/JaroMarko.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-13T23:43:40.000Z","updated_at":"2025-03-14T00:03:31.000Z","dependencies_parsed_at":"2025-03-14T00:42:25.288Z","dependency_job_id":null,"html_url":"https://github.com/JaroMarko/nfExtractor","commit_stats":null,"previous_names":["jaromarko/nfextractor"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/JaroMarko/nfExtractor","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaroMarko%2FnfExtractor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaroMarko%2FnfExtractor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaroMark
o%2FnfExtractor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaroMarko%2FnfExtractor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/JaroMarko","download_url":"https://codeload.github.com/JaroMarko/nfExtractor/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaroMarko%2FnfExtractor/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264915992,"owners_count":23682957,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","forensics","netflow-analyzer","netflow-v5","python3"],"created_at":"2025-03-15T04:14:35.622Z","updated_at":"2025-07-12T00:06:04.800Z","avatar_url":"https://github.com/JaroMarko.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Netflow Data Analysis Tools\n\nThis Python code is useful for analyzing net flow exported data. 
It merges all `.time` files, resolves IPs, removes duplicates, and exports all data into a CSV file, which can then be used for forensic analysis.\n\n## Functionality\n\n### `extract.py`\n\n- **Description**: Extracts net flow data from a specified file or directory.\n- **Features**:\n  - Load data from a single file or merge data from multiple files in a directory.\n  - Optionally trim duplicate records.\n  - Optionally resolve IP addresses using `ipinfo.io`.\n  - Export the processed data into a CSV file.\n\n### `resolve.py`\n\n- **Description**: Resolves IP addresses to additional information using `ipinfo.io`.\n- **Features**:\n  - Fetch hostname, city, country, and organization information for each IP address.\n  - Integrate the resolved information into the net flow data.\n  - Export the enriched data into a CSV file.\n\n### `merge.py`\n\n- **Description**: Merges multiple net flow data files into a single DataFrame.\n- **Features**:\n  - Load and merge data from multiple `.time` files in a specified directory.\n  - Sort and concatenate the data into a single DataFrame.\n  - Export the merged data into a CSV file.\n\n## Usage\n\n1. **Extract Data**:\n\n   ```bash\n   python extract.py\n   ```\n\n2. **Resolve IPs**:\n\n   ```bash\n   python resolve.py\n   ```\n\n3. **Merge Data**:\n\n   ```bash\n   python merge.py\n   ```\n\n## Output\n\nThe processed data is exported into a CSV file, which can be further analyzed for forensic purposes.\n\n## TODO\n\n- `nfExtractor.py`, which will connect all the scripts\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjaromarko%2Fnfextractor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjaromarko%2Fnfextractor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjaromarko%2Fnfextractor/lists"}