RSS 7 projects tagged "Packet Capturing"

Download Website Updated 29 Jun 2012 netsniff-ng

Screenshot
Pop 132.57
Vit 4.41

netsniff-ng is a high performance Linux network sniffer for packet inspection. It is similar to analyzers like tcpdump, but without the need to perform system calls for fetching network packets. A memory-mapped area within kernelspace will be used for accessing packets, so there is no requirement for copying them to userspace (a 'zero-copy' mechanism). For this purpose, netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying, and performing offline analysis of pcap dumps. The project is focused on building a robust, clean, and secure analyzer and utilities that complete netsniff-ng as a support for penetration testing. netsniff-ng can be used for protocol analysis, reverse engineering, and network debugging.

Download Website Updated 07 Feb 2010 Open Unified Recording

Screenshot
Pop 44.86
Vit 39.21

Open Unified Recording (OUR) is a full featured Linux-based VoIP/SIP call recording engine, indexing, and retrieval system. The system resides on the network and passively captures SIP sessions.

No download No website Updated 01 Aug 2012 Ostinato

Screenshot
Pop 165.75
Vit 4.33

Ostinato is a network packet and traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. It features custom packet crafting with editing of any field for several protocols: Ethernet, 802.3, LLC SNAP, VLAN (with Q-in-Q), ARP, IPv4, IPv6, IP-in-IP a.k.a IP Tunneling, TCP, UDP, ICMPv4, ICMPv6, IGMP, MLD, HTTP, SIP, RTSP, NNTP, etc. It is useful for both functional and performance testing.

No download Website Updated 09 Mar 2014 catnip

Screenshot
Pop 90.72
Vit 7.71

catnip is a tiny network packet mirroring tool. The server (source) is not based on libpcap and, when compiled and stripped, makes the binary smaller than 20kiB. This makes it very suitable for embedded environments where a libpcap-based tool, typically 100kiB for just libpcap and 500kiB for tcpdump, would be simply too large. What makes catnip stand out from other small packet capturing tools is that it presents the remote systems interface as a local TUN/TAP interface, but additionally can apply a BPF filter at the remote end to send to you only the traffic you are interested in.

No download No website Updated 14 Oct 2013 JunkieTheSniffer

Screenshot
Pop 166.24
Vit 11.30

Junkie is a real-time packet sniffer and analyzer. It is modular enough to accomplish many different tasks. It can be a helpful companion to the modern network administrator and analyst. Compared to previously available tools, junkie lies in between tcpdump and wireshark. Unlike tcpdump, its purpose is to parse protocols of any depth; unlike wireshark, though, it is designed to analyze traffic in real-time and so cannot parse traffic as exhaustively as wireshark does. In addition, its design encompasses extendability and speed. It has a plug-in system and high-level extension language that eases the development and combination of new functionalities; threaded packet capture and analysis for handling of high bandwidth networks; and a modular architecture to ease the addition of any protocol layer. It is based on libpcap for portability, and well-tested on professional settings.

No download Website Updated 27 Nov 2011 tcpdump

Screenshot
Pop 67.82
Vit 1.00

tcpdump prints a description of the contents of packets on a network interface which match a given boolean expression. It can also be run with the -w flag, which causes it to save the packet data to a file for later analysis, and/or with the -r flag, which causes it to read from a saved packet file rather than to read packets from a network interface. In all cases, only packets which match the expression will be processed by tcpdump. tcpdump logs more than just TCP, IP, or ethernet packets, but has a whole suite of decoders, including ones for USB.

No download Website Updated 02 Oct 2013 Cyberprobe

Screenshot
Pop 72.17
Vit 2.56

Cyberprobe is a distributed architecture for real-time monitoring of networks against attack. The software consists of two components: cyberprobe, which collects data packets and forwards it over a network in standard streaming protocols; and cybermon, which receives the streamed packets, decodes the protocols, and interprets the information. Cyberprobe can optionally be configured to receive alerts from Snort. In this configuration, when an alert is received, the IP source address associated with the alert is dynamically targeted for a period of time. Collecting data and forwarding over the network to a central collection point allows for a much more "industrialized" approach to intrusion detection. The monitor, cybermon, is highly configurable using LUA, allowing you to do a great many things with captured data: summarize, hexdump, store, and respond with packet injections.

Screenshot

Project Spotlight

Flora

An innovative NoSQL database.

Screenshot

Project Spotlight

Burp

A program that backs up and restores data.