As part of GSoc 2011, Jakub Zawadzki developed a variety of wirkeshark extensions:
- WireShnork plugin that would support applying Snort IDS rules and signatures against pcap files. This would be useful for network forensic, allowing analysts to automatically colorise packets that match a particular Snort IDS signature.
- WireshAV plugin that would allow to scan captured files with antiviruses
- WireBrowse plugin which would allow to access some of wireshark functionality over web browser
- WireSocks HTTP/SOCKS5 "proxy" plugin that would allow any browser (with proxy support :)) to get the contents of sniffed web pages (with css, images, javascript, and other files) which were saved inside pcap file
- WireViz GUI plugin which would allow to generate connection graphs with Graphviz
Downloads