What tool can identify malicious traffic by comparing packet contents to known attack signatures?

The tool that can identify malicious traffic by comparing packet contents to known attack signatures is an Intrusion Detection System (IDS). An IDS monitors network traffic for signs of suspicious or malicious activity by comparing the packet contents and patterns to known attack signatures or behavioral anomalies. It can trigger alerts or take actions to protect the network when it identifies potentially harmful traffic. NetFlow is a protocol used for network traffic monitoring but does not specifically compare packet contents to known attack signatures. Zenmap is a graphical user interface (GUI) for Nmap, a network scanning tool, and is not designed for signature-based intrusion detection.