Tillmann Werner from the Giraffe Honeynet Project chapter just released the first version of “streams”, a tool for browsing, mining and processing TCP streams in pcap files. If you have ever needed to process large pcap files at the session level, you will love this tool. Have a look at the README to get an impression of its
The README contains sample output and a description of the tool.
Tillmann’s talk “High Performance Sniffing” from The Honeynet Project public workshop covers this tool:
The latest code can always be downloaded from the git repository.
Tarballs of the recent version can be downloaded here.
As always, feedback is more than welcome!