PaulDotCom mailing list archives
wall of sheep software
From: william.metcalf at gmail.com (Will Metcalf)
Date: Mon, 21 Sep 2009 10:50:30 -0500
Along those same lines, I wrote a pcap parsing tool with a web interface that should be fairly easy to extend to add whatever tools you want. It supports BPFs, multiple pcaps, etc...

Regards,

Will

http://doc.emergingthreats.net/bin/view/Main/PcapParser

On Mon, Sep 21, 2009 at 9:29 AM, Ben Greenfield <bcg at struxural.com> wrote:

I can confirm how awesome xplico is. I've been using it for about 2 months now, and while it's still in beta (and the only good documentation is in French), it's really a nice tool.

On Fri, Sep 18, 2009 at 8:58 PM, James Mattson <james.mattson at gmail.com> wrote:

I'm a big fan of using tcpreplay, then using the usual tools like ettercap, driftnet, urlsnarf, etc... If it's a wireless pcap, use airdecap-ng first... Has anyone given TCPextract a shot? It too looks like a good way to carve goodies from pcaps...

-B0z0dcl0wn

-----Original Message-----
From: Robin Wood <dninja at gmail.com>
Sent: Friday, September 18, 2009 3:41 PM
To: PaulDotCom Security Weekly Mailing List <pauldotcom at mail.pauldotcom.com>
Subject: Re: [Pauldotcom] wall of sheep software

I've downloaded NetWitness and will give it a look through, but I was more after something more like a script that would just run through and pull out incriminating information. Adrian's script looks good, but that is parsing ettercap output, which I haven't got. I've just had a play with ngrep and got some POP3 details out, so I might try scripting that.

Robin

2009/9/18 Chris Bentley <chris.bentley at sky.com>:

You could always try splitting the pcap file, only problem being missing some interaction when analysing the files.

http://www.ethereal.com/lists/ethereal-users/200511/msg00253.html

2009/9/18 Robert Miller <arch3angel at gmail.com>:

This will not make the "Wall of Shame" for you, but for mining a cap file this is useful; however, the free version has a 2gb capture limit.

http://www.netwitness.com/products/investigator.aspx

This software helped me locate a bot running crazy on a satellite network really fast, just wish the company would buy the full version.

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com