PortDog is a network anomaly detector aimed at identifying portscanning attacks. It is entirely written in python and has an easy-to-use interface.
f63e923ee94a697d566a787e7193d4c0179ba1a3041f835265f57968926fd423
Htcap is a web application analysis tool for detecting communications between javascript and the server. It crawls the target application and maps ajax calls, dynamically inserted scripts, websockets calls, dynamically loaded resources and some interesting elements. The generated report is meant to be a good starting point for a manual web application security audit. Htcap is written in python and uses phantomjs to load pages injecting a probe that analyzes javascript behaviour. Once injected, the probe, overrides native javascript methods in order to intercept communications and DOM changes. It also simulates user interaction by firing all attached events and by filling html inputs.
981291a5ddf50d934fe6635ef8364804c1736f0f3495311f538a582c06e131fd
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
22ac0cc872f12cef9bb2cacfe0720eed8533dc5cea102d21de511620606cb3b6
This is a tool to replay packet captures and simulate client/server models when doing analysis. Written in Python.
bbc82f1d4197ab39b95472137a8ac96adbcfc361152b02976825089cc906d144
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
d0f177b2ef49e4deae4ff7d3299bdd295ba558a3934ce8ae489b2f13927cbd82
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
d37b664865419aaa15321fc259a71272c791fde7ec5c3f9638ded43b902b8380
tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
6be520269a89036f99c0b2126713a60965953eab921002b07608ccfc0c47d9af
tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
1f87fb652ce996d41e7a06c601bc6ea29b13fee922945b23770c29490f1d8ace
tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
f59a2bb77612a1392973ecf1ee165028abf5c151e04ae3999b98f94fd9d04ae7
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
de804e98e252e4b795d28d6ac2d48d7f5aacd9b046ee44d44266983795ebc312
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
69950b9dcb1a630982b5f680554d73d27ee0dc856fc6aeef88c8d04eb5ac33ea
KeySweeper is a stealthy Arduino-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.
7d3cce0ee36f29266235b182ba2142ade64c886109aa061d0884fbcfb4375461
This tool extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface.
6a4ebb9233e9c4bc5f6625c3d1e68f90988774a7b8b02f8e394c0e6d53a1dded
httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
ef53454f895f68005f7b9ab634d1b433c4df839eacea9109e4ee48d4296fb613
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
80436a306947e6c541d573c897cf64e1f223b867f571fabe74cea2ab512aa13c
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
ed1a222a43a37f6fb8b8e7da260280f33fd005af5235cf63c75266c05508924e
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
72e802f84e9a2666d71a07b9b2fee2f975659fa1a31baeb810c3bb775f538738
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
be656505a745b41a05dc5fcf746b167dbb7dce761520725f93f79d222c6e5357
Intercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.
a7eeb7f0852c3f890b1cf069da1c6007331be8b19ddd6ca7025e8cfe208f0861
MF Sniffer is a python script for capturing unencrypted TSO login credentials. It requires Scapy. Given an interface, IP and port this script will try to sniff mainframe user IDs and passwords sent over cleartext using TN3270 (tested against x3270, TN3270Plux and TN3270X). This script does not work if the mainframe is using SSL encryption.
2f8ddc0ba0bec2aac0376b8862e3276847ef5e50cf7cb4cd1696b477d19a726d
HexInject is a hexadecimal and raw packet injector and sniffer. It can be easily combined with other tools to provide a powerful command line framework for raw network access. It will automatically set the correct checksum (IP, TCP, UDP, ICMP).
329f0686069988ac0dae4a00082b205ac9669bc8e202d4b112c600bcbc198ce9
netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
ab4e1ef6aadb00b998349aff66e4e1cec53910113344c53ac8eb947fd46b5e89
UC Sniff is a VoIP/UC Sniffer / Assessment / Pentest tool with some useful new features, such as IP Video Sniffing. UCSniff is a Pro of of Concept tool to demonstrate the risk of unauthorized recording of VoIP and Video - it can help you understand who can eavesdrop, and from what parts of your network. It is intended for next generation enterprise VoIP/UC Infrastructures that rely on Voice VLANs to segment UC applications for QoS requirements. UCSniff was born from pentesting and the "VoIP Hopper" tool as an idea to combine automated Voice VLAN Discovery and VLAN Hop with MitM, along with targeted VoIP attacks against users in the VoIP Corporate Directory. Eavesdropping is one of many potential UC-specific attacks that can take place, and UCSniff can be used by other researchers and security professionals as a base tool to explore this idea. UCSniff is a text and GUI application, written in C/C++, that runs in the Linux and Windows OS environment. It is freely available under the GPLv3 license for anyone to download and use.
31c61d8d179ca67e76b8f36f1e366088b663c0282554470ac68d0535614f9b33
Intercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.
ad968798c1c3dc2e811d17b3502b2237418f4680838c912b55636ed2b18b1027
Intercepter-NG [Console Edition] is a sniffer that offers various capabilities including sniffing for password hashes related to ORACLE/MYSQL/VNC/NNTP/CVS/WWW/HTTP/SOCKS/MRA/FTP/POP3/SMTP/IMAP/LDAP/AIM. It works on NT/Linux/BSD/IOS/Android and is optimized for screen size 80x30 or higher.
5f7266338e53e4318d99d392ca8aa81bda985a3b34aa8b12b8fdf6fc55f2f586