
Sniff

Free

Makes output from the tcpdump program easier to read and parse. This software is now redundant, as ASCII support has since been added to tcpdump in version 3.8.

Features:
- Coloured console output
- Directly accepts tcpdump options (including parsing from packet files)
- Fully customisable output

Requirements:
- Linux operating system
- Perl installed
- tcpdump program installed
- Privileges in order to run tcpdump

For help, run the following command:
  ./sniff -h

Sniff options should be placed before the double dash (--) and tcpdump options should be placed after.

Examples of how to use sniff:
- Capture all incoming FTP packets on eth1 without using colour:
  ./sniff -c -- -i eth1 tcp port 21
- Real-time logging to a CSV file:
  ./sniff -e" -n, -s -t0 -c > /tmp/dump.csv
- Converting a tcpdump dump file into CSV format:
  ./sniff -e" -n, -s -t0 -c -- -r /tmp/dump.txt > /tmp/dump.csv

ALTERNATIVES

Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.

JARM is a TLS server fingerprinting tool used for identifying server configurations and malicious infrastructure.

A honeytoken-based tripwire for Microsoft's Active Directory to detect privilege escalation attempts

Object scanning system with scalable and flexible architecture for intrusion detection.

A simple CLI tool that extends the functionality of Nmap

A repository of pre-defined detections for security threats and abnormal behaviors in Falco.

A tool that reads IP packets from the network or a tcpdump save file and writes an ASCII summary of the packet data.

DoS attack by sending fake BPDUs to disrupt switches' STP engines.