Tranalyzer Original

Description:

Tranalyzer2 is a lightweight flow generator and packet analyzer designed for practitioners and researchers. It emphasizes simplicity, performance and scalability. It extends the functionality of Cisco NetFlow and helps analysts process ultra-large packet dumps. It supports drilling down to the very flow of interest, which can then be analysed in depth with tcpdump, Wireshark or Tranalyzer's own text-based packet mode. The program is implemented in C and built upon the libpcap library. Tranalyzer analyzes IP traces, either captured live from Ethernet interfaces or read from pcap files, and generates key parameters and statistics from them. The amount of binary and text-based output depends on which plugins are enabled, so users can tailor the output to their needs. Moreover, additional plugins can be developed independently of the functionality of other plugins.
Last changelog:

Tranalyzer2 Tarantula version 0.8.4lm2 is out! 11 days ago

* basicFlow: improved subnet files
* dnsDecode: updated blacklists
* geoip: updated GeoLite2 database
* macRecorder: updated manuf database
* sslDecode: updated certificate blacklist

andy

2 years ago

This tool saved me big time in troubleshooting a routing problem at a customer

Tranalyzer2 Tarantula version 0.8.2lm2 is out! 5 months ago

* Fix for OSX

Tranalyzer2 Tarantula version 0.8.2lm1 is out! 5 months ago

* New plugin: findexer
* basicFlow:
  * Updated IPv4/6 databases
  * Flag Tor addresses
* dnsDecode: blacklisted domain names detection
* geoip: updated databases
* nDPI: updated nDPI library to 2.6.0
* pwX: improved detection of HTTP based credentials
* sslDecode: updated JA3/JA3S database and SSL blacklist
* ftpDecode: bugfixes
* tranalyzer2:
  * Improved final and monitoring reports
  * Improved network aggregation mode IPv4/6
* autogen.sh:
  * Faster parallel compilation
  * New -P/--profile option
* Simpler control of MAC addresses representation (utils/bin2txt.h):
  * MAC_FORMAT: 0: string, 1: hex
  * MAC_SEP: separator for MAC addresses as string (default: ":")
* Avoid unnecessary dependency to zlib (*Sink)
* tawk: removed deprecated function bitisset
  * Use bitsanyset and bitsallset instead
* Bugfixes and code hardening

Tranalyzer2 Tarantula version 0.8.1lm3 is out! 8 months ago

* More Traffic Mining features in nFrstPkts
* Improved scripts and tutorials (see https://tranalyzer.com/tutorials)
* tcpFlags: minwinsz detection, doc
* telnetDecode: bug fixes
* Minor code refactoring

Tranalyzer2 Tarantula version 0.8.1lm2 is out! 8 months ago

* Fix for older distributions where zlib version < 1.2.9

Tranalyzer2 Tarantula version 0.8.1 is out! 8 months ago

* New plugins: sslDecode (SSL/TLS, including JA3 hash), p0f (OS fingerprinting)
* Improved t2fm: create PDF report from MongoDB or PostgreSQL database
* nFrstPkt: new signal preprocessing features
* New t2plot and traffic mining scripts
* Improved dnsDecode and arpDecode
* txtSink: added option to compress (gzip) the output
* Geo labeling information for packet mode (-s option)
* Check out our tutorials

Details

* license: GPLv3
* version: 0.8.4
* updated: Jul 09 2019
* added: Mar 22 2017