Followup to packet tools story

Published: 2007-05-22
Last Updated: 2007-05-22 18:57:13 UTC
by Jim Clausing (Version: 1)
As promised (several weeks ago) here is the followup to my earlier story asking for suggestions of tools for capturing, generating/modifying, or replaying IP packets.  The response from our readers was overwhelming and I wanted to thank all who responded.  Since the day job and family life got in the way of posting this sooner, I'm just going to post the list of tools today.  Later this week, I hope to update this story and categorize the tools a little bit.  Because of the tremendous response, I plan to look at a couple of the tools in more detail on my next HOD shift (unless there is some massive breaking story that requires my attention then).

  • netdude
  • nemesis
  • ettercap
  • daemonlogger
  • netcat
  • dsniff
  • yersinia
  • hunt
  • bittwist
  • scruby
  • sing
  • rain
  • nbtscan
  • netwox
  • thc-rut
  • ntop
  • scanrand
  • CommView (commercial tool)
  • xprobe2
  • lft
  • tcpflow
  • tcpxtract
  • kismet
  • queso
  • fragrouter
  • amap
  • thcipv6
  • thcscan
  • juggernaut
  • gspoof
  • aldeberan
  • dhcping (there are apparently 2 different tools by this name)

I would also be remiss if I didn't include a pointer to fellow handler Bill Stearns' page of pcap tools (why didn't I just ask him first...?) at http://www.stearns.org/doc/pcap-apps.html. Again, thanks to all those who responded.