courvoif / pcap-file

Licence: MIT license
Crate to read and write pcap and pcapng files in Rust.

Pcap and PcapNg parsing

Pcap

This crate can read Pcap files from a reader and write them to a writer.

It also provides several parsers for the Pcap file format.

Example: PcapReader

use std::fs::File;
use pcap_file::pcap::PcapReader;

fn main() {
    let file_in = File::open("test.pcap").expect("Error opening file");
    let pcap_reader = PcapReader::new(file_in).unwrap();

    // Read test.pcap packet by packet
    for pcap in pcap_reader {
        // Check that the packet was read without error
        let pcap = pcap.unwrap();

        // Do something with the packet
    }
}

PcapNg

This crate can read PcapNg files from a reader.

It also provides several parsers for the PcapNg file format.

Example: PcapNgReader

use std::fs::File;
use pcap_file::pcapng::PcapNgReader;

fn main() {
    let file_in = File::open("test.pcapng").expect("Error opening file");
    let pcapng_reader = PcapNgReader::new(file_in).unwrap();

    // Read test.pcapng block by block
    for block in pcapng_reader {
        // Check that the block was read without error
        let block = block.unwrap();

        // Parse the block content
        let parsed_block = block.parsed().unwrap();

        // Do something with the parsed block
    }
}

Documentation

https://docs.rs/pcap-file

Installation

This crate is on crates.io. Add it to your Cargo.toml:

[dependencies]
pcap-file = "1.1.0"

License

Licensed under MIT.

Disclaimer

To test the library I used the excellent PcapNg testing suite provided by hadrielk.

Fuzzing

Currently there are 4 crude harnesses to check that the parser won't panic in any situation. To start fuzzing you must install cargo-fuzz with the command:

$ cargo install cargo-fuzz

And then, in the root of the repository, you can run the harnesses as:

$ cargo fuzz run pcap_reader
$ cargo fuzz run pcap_ng_reader
$ cargo fuzz run pcap_parser
$ cargo fuzz run pcap_ng_parser

Keep in mind that libFuzzer uses only one core by default, so you can either run the harnesses in separate terminals or pass the -jobs and -workers options. More information can be found in the libFuzzer documentation. To get better crash reports, add -Zsanitizer=address to your Rust flags, e.g.:

RUSTFLAGS="-Zsanitizer=address" cargo fuzz run pcap_reader
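
The property the harnesses check, shown as an added example (not the crate's code or one of its harnesses): a std-only parser for the classic pcap layout that returns an error instead of panicking on truncated or inconsistent input. `PcapError`, `u32_at`, `parse_pcap` and `sample_capture` are names made up for this example, and rejecting `incl_len > snaplen` is a policy assumed here.

```rust
// Added example: std-only, panic-free parsing of the classic pcap layout.
// Not pcap-file's code; PcapError, u32_at and parse_pcap are illustrative names.
#[derive(Debug, PartialEq)]
pub enum PcapError { Truncated, BadMagic, OversizedPacket }

// Read a u32 at `off`; `get` yields None instead of panicking on short input.
fn u32_at(buf: &[u8], off: usize, big_endian: bool) -> Result<u32, PcapError> {
    let b = buf.get(off..off + 4).ok_or(PcapError::Truncated)?;
    let arr = [b[0], b[1], b[2], b[3]]; // in bounds: `b` is exactly 4 bytes
    Ok(if big_endian { u32::from_be_bytes(arr) } else { u32::from_le_bytes(arr) })
}

// Return the payload of every record, or an error for malformed input.
pub fn parse_pcap(buf: &[u8]) -> Result<Vec<&[u8]>, PcapError> {
    let header = buf.get(..24).ok_or(PcapError::Truncated)?; // global header
    let big_endian = match &header[..4] {
        [0xa1, 0xb2, 0xc3, 0xd4] | [0xa1, 0xb2, 0x3c, 0x4d] => true,
        [0xd4, 0xc3, 0xb2, 0xa1] | [0x4d, 0x3c, 0xb2, 0xa1] => false,
        _ => return Err(PcapError::BadMagic),
    };
    let snaplen = u32_at(header, 16, big_endian)?;
    let (mut packets, mut off) = (Vec::new(), 24usize);
    while off < buf.len() {
        // Record header: ts_sec, ts_frac, incl_len, orig_len (4 bytes each).
        let incl_len = u32_at(buf, off + 8, big_endian)?;
        // Untrusted length: bound it first (rejecting > snaplen is this example's policy).
        if incl_len > snaplen { return Err(PcapError::OversizedPacket); }
        let start = off + 16;
        let end = start.checked_add(incl_len as usize).ok_or(PcapError::Truncated)?;
        // `&buf[start..end]` would panic on a truncated file; `get` does not.
        packets.push(buf.get(start..end).ok_or(PcapError::Truncated)?);
        off = end;
    }
    Ok(packets)
}

// Constructed sample: little-endian header (snaplen 65535), one 4-byte packet.
pub fn sample_capture() -> Vec<u8> {
    let mut v = vec![0xd4, 0xc3, 0xb2, 0xa1, 2, 0, 4, 0]; // magic, version 2.4
    v.extend_from_slice(&[0u8; 8]);               // thiszone, sigfigs
    v.extend_from_slice(&65535u32.to_le_bytes()); // snaplen
    v.extend_from_slice(&1u32.to_le_bytes());     // link type 1 (Ethernet)
    for field in [0u32, 0, 4, 4] { v.extend_from_slice(&field.to_le_bytes()); }
    v.extend_from_slice(&[0xde, 0xad, 0xbe, 0xef]);
    v
}

fn main() { println!("{:?}", parse_pcap(&sample_capture())); }
```

Feeding every prefix of a valid capture to `parse_pcap` is a cheap deterministic complement to the fuzz runs above.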