Projects tagged ‘security’ and ‘wireshark’

PacketFu is a mid-level, cross-platform packet manipulation library for Ruby, allowing for easy Layer 4 and below packet creation and parsing. It requires: Ruby (1.8.6 or later) PcapRub ... [More] (0.8-dev or later) BinData (0.9.3 or later) Both PcapRub and BinData are distributed as part of PacketFu distro. PacketFu is also itself packaged with Metasploit for packet crafting goodness. [Less]

Kaginawa is a simple packet capturing UI written in java. You can think of kaginawa as a slimmed down clone of wireshark, with an emphasis on security (C is not a language for writing parsers) and ... [More] simplicity of writing modules. Kaginawa is mainly a frontend UI for a network packet capture library I wrote called NetNotifier. NetNotifier uses JNA to dynamically hook into pcap, and sends out notifications when the desired data is received. For example, your client code can start up a NetNotifier, and subscribe to TCPSession objects. Every time a new TCPSession is contributed to the system, your callback will be notified with a TCPSession object. The following example demonstrates how easy it is to write something that sniffs slashdot passwords. import netnotifier.*; class SlashdotSniff { public static void main(String[] args) { NetNotifier notifier=new NetNotifier(); notifier.subscribe(HTTPPost.class,new SlashdotSniff(),"gotPost"); notifier.startSniffer("ath0"); } public void gotPost(Object object) { // upcast the object so we can access the fields HTTPPost post; if(object instanceof HTTPPost)post=object; else return; if(!post.host.equals("slashdot.org")return; if(!post.path.equals("/login.pl")return; System.out.print(post.clientIP+": "+ post.postData.get("unickname")+" "+ post.postData.get("upasswd")); } } [Less]

SNIPER (Snort NTOP IPaudit P0f Etc RapidInstall) is single CD install media aimed at bridging the gap between liveCDs and package by package production installs. SNIPER installs in minutes with zero ... [More] or minimal user interaction, depending on the version selected. In its base form, SNIPER will turn any system into a production ready security monitoring host. [Less]