Detect Live Apt with This Network Monitoring Tool
Posted3 months ago
github.comTechstory
calmpositive
Debate
0/100
Network MonitoringCybersecurityOpen-Source Tools
Key topics
Network Monitoring
Cybersecurity
Open-Source Tools
A new network monitoring tool, nethtop, is introduced on GitHub for detecting live Advanced Persistent Threats (APTs), with a calm and positive reception from the HN community.
Snapshot generated from the HN discussion
Discussion Activity
Light discussionFirst comment
N/A
Peak period
1
Start
Avg / period
1
Key moments
- 01Story posted
Oct 8, 2025 at 2:00 AM EDT
3 months ago
Step 01 - 02First comment
Oct 8, 2025 at 2:00 AM EDT
0s after posting
Step 02 - 03Peak activity
1 comments in Start
Hottest window of the conversation
Step 03 - 04Latest activity
Oct 8, 2025 at 2:00 AM EDT
3 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Discussion (1 comments)
Showing 1 comments
m4y0uAuthor
3 months ago
www.github.com/m10ust/nethtop.git
What you do from the tool
1. Enumerate all ghost sockets and see where they are connected and status
2. Can start a pcap capture or any single connection
3. Can trace and resolve any single connection
4. Can dump entire session and export.
5. Auto pf rule creation from the ghost sockets overlay
6. Kill process associated with any connection
7. Bypass system hooks by APTs, monitoring at the kernel level
View full discussion on Hacker News
ID: 45512592Type: storyLast synced: 11/17/2025, 11:09:38 AM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.