Category Archives: aimsnarf

Blog layout/pages update

Just a small update: I finally got around to creating static pages for the important things I’ve posted on my blog. You can view them in the right-hand column of the main page. I’ve created pages for the following projects/topics:

Hopefully this makes it easier to link to a particular project. Take a look and let me know if you find anything missing! I’m also hoping to add a link for packages I’ve created soon!

Also, I’m contemplating future posts. Are there any requests for particular posts on a certain topic? More ZFS posts? More security tool posts? More how-to posts? Leave me a comment and let me know!


Filed under about, aimsnarf, author, blog, blogging, framework, nsm, nsm console, package, packages, programming, ruby

NSM Console projected module list

Here’s a list of all the planned and completed (struck-out) modules for nsm-console. (If a module is struck out, it’s because I’ve finished making a module for it; it isn’t necessarily in the tarball for download.)

  • aimsnarf
  • ngrep (gif/jpg/pdf/exe/pe/ne/elf/3pg/torrent)
  • tcpxtract
  • tcpflow
  • chaosreader
  • bro-IDS
  • snort
  • tcpdstat
  • capinfos
  • tshark
  • argus
  • ragator
  • racount
  • rahosts
  • hash (md5 & sha256)
  • ra
  • honeysnap
  • p0f
  • pads
  • fl0p
  • iploc
  • foremost – thanks shadowbq!
  • flowgrep
  • tcptrace
  • tcpick
  • flowtime
  • flowtag
  • harimau
  • clamscan

Think of any other useful modules? Leave me a comment and let me know!

P.S. I’m also brainstorming for some pcap/real-time network visualization tools, stay tuned!


Filed under aimsnarf, argus, bro-ids, capinfos, chaosreader, console, flowtag, flowtime, harimau, hash, honeysnap, md5, module, ngrep, nsm, p0f, ra, racount, ragator, rahosts, ruby, script, sha256, snort, tcpdstat, tcpflow, tcpxtract, tshark

NSM Console – A framework for running things

Well, I’ve been hard at work for the last couple of days on a (hopefully) useful tool for aiding in NSM file analysis (for pcap files; live analysis doesn’t work).

Behold! I present NSM-Console! (read more about it here, watch a screencast here)

Download the framework here.
Keep in mind this framework only includes 3 modules (mostly used just for testing).

NSM-Console is a small (< 500 1000 1500 lines) framework for running nsm modules. Essentially, it’s a framework for running things (but we don’t call it that because it sounds like it wasn’t any work :P ). Here’s the breakdown:


Filed under aimsnarf, analysis, console, framework, hex, module, nsm, pcap, plugin, ruby, script, security