flower - TCP flow analyzer with sugar for A/D CTF

  •        21

Once everything has been started, flower should be accessible at the address of the machine that started it on port 3000. If you are going to use flower in a CTF, remember to set up the firewall in the most appropriate way, as the current implementation does not use other security techniques.

https://github.com/secgroup/flower

Dependencies:

@material-ui/core : ^1.2.1
@material-ui/icons : ^1.1.0
arrow-keys-react : ^1.0.6
dompurify : ^1.0.5
escape-html : ^1.0.3
flow-bin : ^0.74.0
hexdump-nodejs : ^0.1.0
lodash : ^4.17.10
material-ui : ^1.0.0-beta.47
material-ui-search-bar : ^1.0.0-beta.4
moment : ^2.22.2
react : ^16.4.1
react-copy-to-clipboard : ^5.0.1
react-dom : ^16.4.1
react-moment : ^0.7.4
react-scripts : 1.1.4
react-split-pane : ^0.1.77
react-time-range-picker : ^1.4.0
react-tiny-virtual-list : ^2.1.4
react-virtual-list : ^2.3.0
react-virtualized : ^9.19.1

Tags
Implementation
License
Platform

   




Related Projects

scapy - Scapy: the Python-based interactive packet manipulation program & library

  •    Python

Scapy is a powerful Python-based interactive packet manipulation program and library. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is designed to allow fast packet prototyping by using default values that work.

netsniff-ng - The packet sniffing beast

  •    C

netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space and vice versa.

skydive - An open source real-time network topology and protocols analyzer

  •    Go

Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology informations and flows and forward them to a central agent for further analysis. All the informations are stored in an Elasticsearch database.

netgraph - A cross platform http sniffer with a web UI

  •    Go

Netgraph is a packet sniffer tool that captures all HTTP requests/responses, and display them in web page. You can run Netgraph in your linux server without desktop environment installed, and monitor http requests/responses in your laptop's browser.

Packet Peeper

  •    Objective-C

Packet Peeper is a network protocol analyzer (or 'packet sniffer') for Mac OS X. Its features include TCP stream reassembly, privilege separation, simultaneous capture sessions, filters, Python plugins and support for pcap capture files.


payloads - Git All the Payloads! A collection of web attack payloads.

  •    Shell

run ./get.sh to download external payloads and unzip any payload files that are compressed. Requests extracted from either packet captures or log files of capture the flag (ctf) events. Mostly raw data so not all requests are actual payloads, however requests should be deduplicated.

homer - HOMER - 100% Open-Source SIP / VoIP Packet Capture & Monitoring

  •    Shell

HOMER is a robust, carrier-grade, scalable SIP Capture system and VoiP Monitoring Application offering HEP/EEP, IP Proto4 (IPIP) encapsulation & port mirroring/monitoring support right out of the box, ready to process & store insane amounts of signaling, logs and statistics with instant search, end-to-end analysis and drill-down capabilities for ITSPs, VoIP Providers and Trunk Suppliers using SIP signaling protocol. Powered at the core by SIPCAPTURE Module for industry-standard Kamailio or OpenSIPS, HOMER provides virtually unlimited scope for granular capture configuration either stand-alone or using our companion Capture Agent Project.

ctf - CTF Field Guide

  •    C

We’re glad you’re here. We need more people like you. If you’re going to make a living in defense, you have to think like the offense.

TCPDump - Network Packet Analyzer

  •    C

TCPDump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture. It prints out a description of the contents of packets on a network interface that match the boolean expression. The Packet Capture library provides a high level interface to packet capture systems. All packets on the network, even those destined for other hosts, are accessible through this mechanism.

awesome-ctf - A curated list of CTF frameworks, libraries, resources and softwares

  •    Javascript

A curated list of Capture The Flag (CTF) frameworks, libraries, resources, softwares and tutorials. This list aims to help starters as well as seasoned CTF players to find everything related to CTFs at one place.Please take a quick look at the contribution guidelines first.

armpwn - Repository to train/learn memory corruption on the ARM platform.

  •    Python

Repository to train/learn memory corruption exploitation on the ARM platform. This is the material of a workshop I prepared for my CTF Team. Either upload the binary to some ARM device (I used a Raspberry Pi) or use qemu locally as described here. Also copy the webroot/ folder and the led script to the device. The binary expects both to be in the current working directory.

wireshark - Read-only mirror of Wireshark's Git repository

  •    C

Wireshark is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. It uses Qt, a graphical user interface library, and libpcap, a packet capture and filtering library. The Wireshark distribution also comes with TShark, which is a line-oriented sniffer (similar to Sun's snoop, or tcpdump) that uses the same dissection, capture-file reading and writing, and packet filtering code as Wireshark, and with editcap, which is a program to read capture files and write the packets from that capture file, possibly in a different capture file format, and with some packets possibly removed from the capture.

write-ups-2017 - Wiki-like CTF write-ups repository, maintained by the community. 2017

  •    Python

This repository aims to solve those problems. It’s a collection of CTF source files and write-ups that anyone can contribute to. Did you just publish a CTF write-up? Let us know, and we’ll add a link to your post — or just add the link yourself and submit a pull request. Spot an issue with a solution? Correct it, and send a pull request.

RootTheBox - A Game of Hackers (CTF Scoreboard & Game Manager)

  •    HTML

Root the Box is a real-time scoring engine for computer wargames where hackers can practice and learn. The application can be easily configured and modified for any CTF game. Root the Box attempts to engage novice and experienced players alike by combining a fun game-like environment, with realistic challenges that convey knowledge applicable to the real-world, such as penetration testing, incident response, digital forensics and threat hunting. Just as in traditional CTF games, each team or player targets challenges of varying difficulty and sophistication, attempting to collect flags. Root the Box brings additional options to the game. It can be configured to allow the creation of "Botnets" by uploading a small bot program to target machines, which grant periodic rewards with (in-game) money for each bot in the botnet; the larger the botnet the larger the reward. Money can be used to unlock new levels, buy hints to flags, download a target's source code, or even "SWAT" other players by bribing the (in-game) police. Player's "bank account passwords" can also be publically displayed by the scoring engine, allowing players to crack each other's passwords and steal each other's money.

pwntools - CTF framework and exploit development library

  •    Python

Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible. You can now do a live demo of Pwntools, right in your browser.

libtins - High-level, multiplatform C++ network packet sniffing and crafting library.

  •    C++

libtins is a high-level, multiplatform C++ network packet sniffing and crafting library. Its main purpose is to provide the C++ developer an easy, efficient, platform and endianess-independent way to create tools which need to send, receive and manipulate specially crafted packets.

libpcap - the LIBpcap interface to various kernel packet capture mechanism

  •    C

To report a security issue please send an e-mail to security@tcpdump.org. To report bugs and other problems, contribute patches, request a feature, provide generic feedback etc please see the file CONTRIBUTING in the libpcap source tree root.