• aimsnarf
• ngrep (gif/jpg/pdf/exe/pe/ne/elf/3pg/torrent)
• tcpxtract
• tcpflow
• chaosreader
• bro-IDS
• snort
• tcpdstat
• capinfos
• tshark
• argus
• ragator
• racount
• rahosts
• hash (md5 & sha256)
• ra
• honeysnap
• p0f
• pads
• fl0p
• iploc
  
• foremost – thanks shadowbq!
• flowgrep
• tcptrace
• tcpick
• flowtime
• flowtag
• harimau
• clamscan
  

Think of any other useful modules? Leave me a comment and let me know!

P.S. I’m also brainstorming for some pcap/real-time network visualization tools, stay tuned!

If you only want the port, download the honeysnap-1.0.6.11.tar.gz file (note that this file will require a full /usr/ports tree in order to build any dependencies, make sure you fetch the ports on a Hex install before trying to build from source). Untar the file (I usually put it in /usr/ports/security/honeysnap), enter the directory and issue the following command:

sudo make install

It should automatically build all the dependencies and install honeysnap for you.

If you want a faster way, download the honeysnap-1.0.6.11.tbz package and it’s dependency the py25-setuptools-0.6c7_1.tbz package into the same directory and issue the following:

sudo pkg_add -v ./honeysnap-1.0.6.11.tbz

The setuptools package will automatically be installed as a dependency.

After installation, you should be able to type “honeysnap” and get all the command-line options, happy honeysnap-ing!

As always, if you have any questions or problems, feel free to email me or leave a comment!

P.S. Forgot to mention, the package above will only work for Hex 1.0.*, however, the port (the honeysnap-1.0.6.11.tar.gz file) will work on both Hex 1.0.* and FreeBSD 6.* without a problem. Hopefully I’ll be submitting it to the FreeBSD team for review soon to have it included in the standard ports