LSE top 100LSE top 100Moloch (17)Moloch (17)

Tool and Usage

Project details

Apache License 2.0
Programming languages
C, Node.js
Latest release
Latest release date

Project health

This score is calculated by different factors, like project age, last release date, etc.


Moloch comes with a web interface that allows for easy browsing of pcap data (packet capture). It can also search in the data or export it. Besides pcap, the JSON format is supported, so data can be easily consumed in other tools (like Wireshark).

Why this tool?

Tools like Moloch are a great addition to everyone working with network data. One common use-case is that of network security monitoring (NSM). Here is can help with making all data more accessible and finding anomalies in the data.

Usage and audience

Moloch is commonly used for network security monitoring or security monitoring. Target users for this tool are network administrators, security professionals, and system administrators.


  • JSON output supported
  • Support for pcap (packet capture)

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + More than 25 contributors
  • + More than 3000 GitHub stars
  • + Many releases available
  • + The source code of this software is available
  • + Supported by a large company

Author and Maintainers

Supporting company

This project is maintained by Oath Inc.


Supported operating systems

Moloch is known to work on Linux.

Moloch alternatives

Similar tools to Moloch:



Zeek is a network security monitoring tool (NSM) and helps with monitoring. It can also play an active rol in performing forensics and incident response.



CHIRON is a tool to provide network analytics based on the ELK stack with threat detection. Learn how it works in this review.



DejaVu is an open source deception framework which can be used to deploy and administer decoys across a network infrastructure. Read how it works in this review.

All Moloch alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information


This tool is categorized as a network security monitoring tool.