forensics

The new version of dorothy2 is out!

Howdy all,
The Italian Chapter is proud to release the latest version of dorothy2 (our ruby-based malware analysis framework) :).

WireShnork - A Snort plugin for Wireshark

GSoC 2011 #8 project's goal was to add forensics features to the popular Wireshark network analyzer.

Overview

Wireshark is an open source network analyzer widely used for network debugging as well as security analysis. Wireshark provides network
analyzer with graphical interface as well as command line tools.
Wireshark also provides network protocol decoders and support filters that allow to search through packets with keywords.

GSoC plugins extend Wireshark capabilities when Wireshark is used to analyze network traffic with security and forensic in mind.

Syndicate content