'pcap' Tag

• Yahsnarf – Sniff Yahoo IM conversations

  April 3, 2008

  Remember way back, when I released Aimsnarf? Well, it turns out that people were interested in one for Yahoo IM, so I’m happy to present Yahsnarf, the Yahoo messenger sniffing script. You can download the script on the yahsnarf project page. Yahsnarf requires Ruby, ruby-pcap and bit-struct (Thanks Matasano for introducing me to bit-struct, made […]

  posted in im, network, pcap, ruby, script, sniff, yahoo, yahsnarf by Lee

• NSM-Console version 0.6 release

  March 14, 2008

  I’m happy to announce the release of the next version of NSM-Console. Version 0.6. If you are unfamiliar with NSM-Console, here’s the synopsis from the project page: NSM-Console (Network Security Monitoring Console) is a framework for performing analysis on packet capture files. It implements a modular structure to allow for an analyst to quickly write […]

  posted in bro-ids, clamscan, dump, foremost, gzip, harimau, monitoring, network, nsm, nsm console, packet, pcap, security, snort, trace-summary, whitepaper by Lee

• Collaborative analysis efforts with simple to use interfaces

  February 12, 2008

  You know what would be really helpful? I mean, actually helpful to people in the security industry as a whole? We need some kind of collaboration tool that allows many different users to view, download, analyze, tag, describe and ask questions about any and all kinds of malware, network captures and security logs. I’ve been […]

  posted in binary, collaboration, malware, pcap, research by Lee