User-submitted modules: flowtag and clamscan

I’d like to point out a couple of user-submitted modules for NSM-Console that are now included in the distribution.
Firstly, scholar01 has created a ‘flowtag’ module for NSM-Console to use Chris Lee’s  excellent Flowtag software for categorizing and tagging network flow for a packet capture. Thanks for the submission scholar01!
Secondly, JohnQPublic has created a ‘clamscan’ module [...]

Screencast: Creating a module for NSM-Console

It hasn’t been that long since my last screencast, but I thought I’d do another, this time showing how to create a module for NSM-Console (so now you have no excuse for not contributing!).
You can get the screencast here (right-click and download, don’t stream):

mirror 1
mirror 2

It’s under 10 mb and clocks in at 7 minutes [...]

NSM Console projected module list

Here’s a list of all the planned modules and completed (struck-out) modules for nsm-console: (if a module is struck out, it’s because I’ve finished making a module for it, it isn’t necessarily in the tarball for download)

aimsnarf
ngrep (gif/jpg/pdf/exe/pe/ne/elf/3pg/torrent)
tcpxtract
tcpflow
chaosreader
bro-IDS
snort
tcpdstat
capinfos
tshark
argus
ragator
racount
rahosts
hash (md5 & sha256)
ra
honeysnap
p0f
pads
fl0p
iploc

foremost – thanks shadowbq!
flowgrep
tcptrace
tcpick
flowtime
flowtag
harimau
clamscan

Think of any other useful modules? Leave me a comment and let [...]

NSM Console – A framework for running things

Well, I’ve been hard at work for the last couple of days working on a (hopefully) useful tool for aiding in NSM file analysis (for pcap files, live analysis doesn’t work).
Behold! I present NSM-Console! (read more about it here, watch a screencast here)
Download the framework here.
Keep in mind this framework only includes 3 modules (mostly [...]