sniffglue - Secure multithreaded packet sniffer

sniffglue is a network sniffer written in Rust. Network packets are parsed concurrently using a thread pool to utilize all CPU cores. The project goals are that you can run sniffglue securely on untrusted networks and that it must not crash when processing packets. The output should be as useful as possible by default. To build from source, make sure you have libpcap and libseccomp installed (Debian/Ubuntu: libpcap-dev libseccomp-dev; Arch Linux: libpcap libseccomp).

https://crates.io/crates/sniffglue
https://github.com/kpcyrd/sniffglue

Related Projects

Wireshark - Network Traffic Analyzer

  •    C

Wireshark is a network traffic analyzer, or "sniffer", for Linux, macOS, *BSD and other Unix and Unix-like operating systems and for Windows. It uses Qt, a graphical user interface library, and libpcap and npcap as packet capture and filtering libraries.

netsniff-ng - The packet sniffing beast

  •    C

netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa.

scapy - Scapy: the Python-based interactive packet manipulation program & library

  •    Python

Scapy is a powerful Python-based interactive packet manipulation program and library. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow fast packet prototyping by using default values that work.

netgraph - A cross platform http sniffer with a web UI

  •    Go

Netgraph is a packet sniffer tool that captures all HTTP requests/responses and displays them in a web page. You can run Netgraph on your Linux server without a desktop environment installed, and monitor HTTP requests/responses in your laptop's browser.

skydive - An open source real-time network topology and protocols analyzer

  •    Go

Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology information and flows and forward them to a central agent for further analysis. All the information is stored in an Elasticsearch database.


Moloch - Large scale, full packet capturing, indexing, and database system

  •    JavaScript

Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive and simple web interface is provided for PCAP browsing, searching, and exporting.

Packet Peeper

  •    Objective-C

Packet Peeper is a network protocol analyzer (or 'packet sniffer') for Mac OS X. Its features include TCP stream reassembly, privilege separation, simultaneous capture sessions, filters, Python plugins and support for pcap capture files.

tcpdump - the TCPdump network dissector

  •    C

To report a security issue, please send an e-mail to security@tcpdump.org. To report bugs and other problems, contribute patches, request a feature, provide generic feedback, etc., please see the file CONTRIBUTING in the tcpdump source tree root.

Inno Network Sniffer

This is an IP scanner cum network sniffer. It can scan live public IPs and scan any computer on the LAN. Moreover, it can give detailed system information.

One Way Network Sniffer

  •    Delphi

One Way Network Sniffer is a sniffer for Windows and Linux that allows you to save files that are transiting on the network (http, pop3 and nntp protocols are supported).

PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction

  •    Python

Given a Pcap File, plot a network diagram displaying hosts in the network, network traffic, highlight important traffic and Tor traffic as well as potential malicious traffic including data involved in the communication.

tcpreplay - Pcap editing and replay tools for *NIX and Windows - Users please download source from

  •    C

Tcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. It allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4 packets and finally replay the traffic back onto the network and through other devices such as switches, routers, firewalls, NIDS and IPS's. Tcpreplay supports both single and dual NIC modes for testing both sniffing and in-line devices. Tcpreplay is used by numerous firewall, IDS, IPS, NetFlow and other networking vendors, enterprises, universities, labs and open source projects. If your organization uses Tcpreplay, please let us know who you are and what you use it for so that I can continue to add features which are useful.

mysql-sniffer - mysql-sniffer is a network traffic analyzer tool for mysql, it is developed by Qihoo DBA and infrastructure team

  •    C

MySQL Sniffer is a network traffic analyzer tool for MySQL, developed by the Qihoo DBA and infrastructure team. This command-line tool captures and analyzes packets destined for a MySQL server or client, and outputs them in a standard log format including access time, users, IP, database, query_time, rows number and query.

NetDash

  •    PHP

Network Intrusion Detection and Full Packet Capture System

authgrab - Authentication Sniffer

authgrab is an Authentication Credential Sniffer. It sniffs network traffic from the network interface and attempts to locate various protocol session's authentication information as it traverses the network.

httpdump - Capture and parse HTTP traffic

  •    Go

Parse and display HTTP traffic from a network device or pcap file. This is a Go version of the original pcap-parser. Thanks to the gopacket project, this tool has a simpler code base and is more efficient. For the original Python implementation, refer to httpcap on PyPI.

passivedns - A network sniffer that logs all DNS server replies for use in a passive DNS setup

  •    C

A network sniffer that logs all DNS server replies for use in a passive DNS setup

torsniff - a sniffer that sniffs torrents from BitTorrent network

  •    Go

torsniff is a torrent sniffer. It sniffs torrents that people are using to download movies, music, docs, games and so on from the BitTorrent network. A torrent has valuable information, so you can use torsniff to build your own torrent database (e.g. The Pirate Bay), or to do data mining and analysis.