Tcpreplay Logo

Tcpreplay

0
Free
Visit Website

Tcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Wireshark. It allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4 packets and finally replay the traffic back onto the network and through other devices such as switches, routers, firewalls, NIDS and IPS's. Tcpreplay supports both single and dual NIC modes for testing both sniffing and in-line devices. Tcpreplay is used by numerous firewall, IDS, IPS, NetFlow and other networking vendors, enterprises, universities, labs and open source projects. If your organization uses Tcpreplay, please let us know who you are and what you use it for so that I can continue to add features which are useful. Tcpreplay is designed to work with network hardware and normally does not penetrate deeper than Layer 2. Yazan Siam with sponsorship from Cisco developed tcpliveplay to replay TCP pcap files directly to servers. Use this utility if you want to test the entire network stack and into the application. As of version 4.0, Tcpreplay has been enhanced to address the compl

FEATURES

ALTERNATIVES

An OpenFlow honeypot that detects unused IP addresses and simulates network traffic to attract and analyze potential threats

Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.

Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.

Independent software vendor specializing in network security tools and network forensics.

A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.

Netcap efficiently converts network packets into structured audit records for machine learning algorithms, using Protocol Buffers for encoding.

Fast, smart, effective port scanner with extensive extendability and adaptive learning.

An analyzer for parsing GQUIC traffic in Zeek, supporting versions Q039 to Q046, with a fingerprinting method named 'CYU' for detecting anomalous GQUIC traffic.