Version 0.61 is here! Fixes HTTP processing crash. Cyberprobe integrates with ElasticSearch and Kibana
to give you a powerful network dashboard. See downloads.


The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two components:

These components can be used together or separately. For a simple configuration, they can be run on the same host, for more complex environments, a number of probes can feed a single monitor. For more detail, and to see where we are going, read the architecture page.

The probe, cyberprobe has the following features:

The monitor tool, cybermon has the following features:

The cybermon software includes some support for STIX as a threat indicator specification, and can create alerts on the presence of threats on the network.

The code is targeted at the Linux platform, although it is generic enough to be applicable to other UN*X-like platforms.

The easiest way to learn about the software is to follow our Quick Start tutorial.


We've got downloads available for the following architectures...
Operating SystemArchitectureDownload
Fedora 20 64-bit 64-bit RPM
32-bit 32-bit RPM
Source Source RPM
RHEL7 / Centos 7 64-bit 64-bit RPM
Source Source RPM
Debian Wheezy 64-bit Debian package
32-bit Debian package
Ubuntu Trusty 64-bit Debian package
32-bit Debian package
Mint 17 64-bit Debian package
32-bit Debian package
Anything Source Source bundle