├── .gitignore ├── CHANGELOG ├── LGPL.license ├── LICENSE ├── README ├── TODO ├── docs └── NSM-Console.pdf ├── files ├── gentags ├── lib ├── colors.rb ├── command_manager.rb ├── commands.rb ├── encodelib.rb ├── history.rb ├── logging.rb ├── nsm_alias.rb ├── nsm_category.rb ├── nsm_console.rb ├── nsm_helper.rb ├── nsm_module.rb ├── pcaplib.rb └── pcapparser.rb ├── logs └── logsgohere ├── modules ├── README ├── afterglow.module │ ├── afterglow │ ├── bin │ │ ├── afterglow.pl │ │ ├── tcpdump.properties │ │ └── tcpdump2csv.pl │ ├── defaults │ ├── description │ └── info ├── aimsnarf.module │ ├── aimsnarf │ ├── defaults │ ├── description │ └── info ├── argus-basic.module │ ├── argus-basic │ ├── defaults │ ├── description │ └── info ├── argus3-pcap2flow.module │ ├── argus3-pcap2flow │ ├── defaults │ ├── description │ └── info ├── argus3-ramon.module │ ├── argus3-ramon │ ├── defaults │ ├── description │ ├── info │ ├── racluster-HostProto.conf │ ├── racluster-HostSvc.conf │ ├── racluster-Matrix.conf │ ├── racluster-Svc.conf │ └── racluster-TopN.conf ├── bro-ids-conn.module │ ├── bro-ids-conn │ ├── bro.cfg │ ├── defaults │ ├── description │ └── info ├── bro-ids-protocol.module │ ├── bro-ids-protocol │ ├── bro.cfg │ ├── defaults │ ├── description │ └── info ├── bro-ids-stream.module │ ├── bro-ids-stream │ ├── bro.cfg │ ├── defaults │ ├── description │ └── info ├── capinfos.module │ ├── capinfos │ ├── defaults │ ├── description │ └── info ├── categories │ ├── IDS │ ├── flow │ ├── forensics │ ├── nsm │ ├── statistics │ └── visualization ├── chaosreader.module │ ├── chaosreader │ ├── defaults │ ├── description │ └── info ├── clamscan.module │ ├── clamscan │ ├── defaults │ ├── description │ └── info ├── dnstop.module │ ├── defaults │ ├── description │ ├── dnstop │ └── info ├── fl0p.module │ ├── defaults │ ├── description │ ├── fl0p │ └── info ├── flowtag.module │ ├── defaults │ ├── description │ ├── flowtag │ └── info ├── flowtime.module │ ├── defaults │ ├── description │ ├── flowtime │ └── info ├── foremost.module │ ├── defaults │ ├── description │ ├── foremost │ └── info ├── harimau.module │ ├── defaults │ ├── description │ ├── harimau │ ├── harimau.rb │ ├── info │ └── pcapparser.rb ├── hash.module │ ├── defaults │ ├── description │ ├── hash │ └── info ├── honeysnap.module │ ├── defaults │ ├── description │ ├── honeysnap │ ├── honeysnap.cfg │ └── info ├── httpry.module │ ├── defaults │ ├── description │ ├── httpry │ └── info ├── ip2asn.module │ ├── defaults │ ├── description │ ├── info │ ├── ip2asn │ ├── ip2asn.rb │ └── pcapparser.rb ├── iploc.module │ ├── defaults │ ├── description │ ├── info │ └── iploc ├── ngrep.module │ ├── description │ ├── info │ └── ngrep ├── p0f.module │ ├── defaults │ ├── description │ ├── info │ └── p0f ├── pads.module │ ├── defaults │ ├── description │ ├── info │ └── pads ├── snort.module │ ├── classification.config │ ├── defaults │ ├── description │ ├── info │ ├── reference.config │ ├── rules │ │ ├── LICENSE │ │ ├── bleeding-attack_response.rules │ │ ├── bleeding-botcc-BLOCK.rules │ │ ├── bleeding-botcc.excluded │ │ ├── bleeding-botcc.rules │ │ ├── bleeding-compromised-BLOCK.rules │ │ ├── bleeding-compromised.rules │ │ ├── bleeding-dos.rules │ │ ├── bleeding-drop-BLOCK.rules │ │ ├── bleeding-drop.rules │ │ ├── bleeding-dshield-BLOCK.rules │ │ ├── bleeding-dshield.rules │ │ ├── bleeding-exploit.rules │ │ ├── bleeding-game.rules │ │ ├── bleeding-inappropriate.rules │ │ ├── bleeding-malware.rules │ │ ├── bleeding-p2p.rules │ │ ├── bleeding-policy.rules │ │ ├── bleeding-rbn-BLOCK.rules │ │ ├── bleeding-rbn.rules │ │ ├── bleeding-scan.rules │ │ ├── bleeding-sid-msg.map │ │ ├── bleeding-virus.rules │ │ ├── bleeding-voip.rules │ │ ├── bleeding-web.rules │ │ ├── bleeding-web_sql_injection.rules │ │ ├── bleeding.conf │ │ ├── bleeding.rules │ │ ├── community-bot.rules │ │ ├── community-deleted.rules │ │ ├── community-dos.rules │ │ ├── community-exploit.rules │ │ ├── community-ftp.rules │ │ ├── community-game.rules │ │ ├── community-icmp.rules │ │ ├── community-imap.rules │ │ ├── community-inappropriate.rules │ │ ├── community-mail-client.rules │ │ ├── community-misc.rules │ │ ├── community-nntp.rules │ │ ├── community-oracle.rules │ │ ├── community-policy.rules │ │ ├── community-sip.rules │ │ ├── community-smtp.rules │ │ ├── community-sql-injection.rules │ │ ├── community-virus.rules │ │ ├── community-web-attacks.rules │ │ ├── community-web-cgi.rules │ │ ├── community-web-client.rules │ │ ├── community-web-dos.rules │ │ ├── community-web-iis.rules │ │ ├── community-web-misc.rules │ │ └── community-web-php.rules │ ├── snort │ ├── snort.conf │ └── unicode.map ├── tcpdstat.module │ ├── defaults │ ├── description │ ├── info │ └── tcpdstat ├── tcpflow.module │ ├── defaults │ ├── description │ ├── info │ └── tcpflow ├── tcpick.module │ ├── defaults │ ├── description │ ├── info │ └── tcpick ├── tcptrace.module │ ├── defaults │ ├── description │ ├── info │ └── tcptrace ├── tcpxtract.module │ ├── defaults │ ├── description │ ├── info │ ├── rp-tcpxtract.conf │ ├── tcpxtract │ └── tcpxtract.conf ├── trace-summary.module │ ├── defaults │ ├── description │ ├── info │ ├── trace-summary │ └── trace-summary.py ├── tshark.module │ ├── defaults │ ├── description │ ├── info │ └── tshark └── yahsnarf.module │ ├── defaults │ ├── description │ ├── info │ ├── lib │ ├── bit-struct.rb │ └── bit-struct │ │ ├── bit-struct.rb │ │ ├── char-field.rb │ │ ├── float-field.rb │ │ ├── hex-octet-field.rb │ │ ├── nested-field.rb │ │ ├── octet-field.rb │ │ ├── pad-field.rb │ │ ├── signed-field.rb │ │ ├── text-field.rb │ │ ├── unsigned-field.rb │ │ └── yaml.rb │ ├── yahsnarf │ └── yahsnarf.rb ├── nsm └── tags /.gitignore: -------------------------------------------------------------------------------- 1 | *.swp 2 | nsm*.log 3 | -------------------------------------------------------------------------------- /CHANGELOG: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/CHANGELOG -------------------------------------------------------------------------------- /LGPL.license: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/LGPL.license -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/LICENSE -------------------------------------------------------------------------------- /README: -------------------------------------------------------------------------------- 1 | See http://writequit.org/projects/nsm-console 2 | -------------------------------------------------------------------------------- /TODO: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/TODO -------------------------------------------------------------------------------- /docs/NSM-Console.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/docs/NSM-Console.pdf -------------------------------------------------------------------------------- /files: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/files -------------------------------------------------------------------------------- /gentags: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/gentags -------------------------------------------------------------------------------- /lib/colors.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/colors.rb -------------------------------------------------------------------------------- /lib/command_manager.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/command_manager.rb -------------------------------------------------------------------------------- /lib/commands.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/commands.rb -------------------------------------------------------------------------------- /lib/encodelib.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/encodelib.rb -------------------------------------------------------------------------------- /lib/history.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/history.rb -------------------------------------------------------------------------------- /lib/logging.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/logging.rb -------------------------------------------------------------------------------- /lib/nsm_alias.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/nsm_alias.rb -------------------------------------------------------------------------------- /lib/nsm_category.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/nsm_category.rb -------------------------------------------------------------------------------- /lib/nsm_console.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/nsm_console.rb -------------------------------------------------------------------------------- /lib/nsm_helper.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/nsm_helper.rb -------------------------------------------------------------------------------- /lib/nsm_module.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/nsm_module.rb -------------------------------------------------------------------------------- /lib/pcaplib.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/pcaplib.rb -------------------------------------------------------------------------------- /lib/pcapparser.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/lib/pcapparser.rb -------------------------------------------------------------------------------- /logs/logsgohere: -------------------------------------------------------------------------------- 1 | Logs go in this directory 2 | -------------------------------------------------------------------------------- /modules/README: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/README -------------------------------------------------------------------------------- /modules/afterglow.module/afterglow: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/afterglow.module/afterglow -------------------------------------------------------------------------------- /modules/afterglow.module/bin/afterglow.pl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/afterglow.module/bin/afterglow.pl -------------------------------------------------------------------------------- /modules/afterglow.module/bin/tcpdump.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/afterglow.module/bin/tcpdump.properties -------------------------------------------------------------------------------- /modules/afterglow.module/bin/tcpdump2csv.pl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/afterglow.module/bin/tcpdump2csv.pl -------------------------------------------------------------------------------- /modules/afterglow.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/afterglow.module/defaults -------------------------------------------------------------------------------- /modules/afterglow.module/description: -------------------------------------------------------------------------------- 1 | Generate afterglow graph of traffic 2 | -------------------------------------------------------------------------------- /modules/afterglow.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/afterglow.module/info -------------------------------------------------------------------------------- /modules/aimsnarf.module/aimsnarf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/aimsnarf.module/aimsnarf -------------------------------------------------------------------------------- /modules/aimsnarf.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.aim 2 | -------------------------------------------------------------------------------- /modules/aimsnarf.module/description: -------------------------------------------------------------------------------- 1 | Extracts AIM messages from a pcap file 2 | -------------------------------------------------------------------------------- /modules/aimsnarf.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/aimsnarf.module/info -------------------------------------------------------------------------------- /modules/argus-basic.module/argus-basic: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus-basic.module/argus-basic -------------------------------------------------------------------------------- /modules/argus-basic.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus-basic.module/defaults -------------------------------------------------------------------------------- /modules/argus-basic.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus-basic.module/description -------------------------------------------------------------------------------- /modules/argus-basic.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus-basic.module/info -------------------------------------------------------------------------------- /modules/argus3-pcap2flow.module/argus3-pcap2flow: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-pcap2flow.module/argus3-pcap2flow -------------------------------------------------------------------------------- /modules/argus3-pcap2flow.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-pcap2flow.module/defaults -------------------------------------------------------------------------------- /modules/argus3-pcap2flow.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-pcap2flow.module/description -------------------------------------------------------------------------------- /modules/argus3-pcap2flow.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-pcap2flow.module/info -------------------------------------------------------------------------------- /modules/argus3-ramon.module/argus3-ramon: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/argus3-ramon -------------------------------------------------------------------------------- /modules/argus3-ramon.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/defaults -------------------------------------------------------------------------------- /modules/argus3-ramon.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/description -------------------------------------------------------------------------------- /modules/argus3-ramon.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/info -------------------------------------------------------------------------------- /modules/argus3-ramon.module/racluster-HostProto.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/racluster-HostProto.conf -------------------------------------------------------------------------------- /modules/argus3-ramon.module/racluster-HostSvc.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/racluster-HostSvc.conf -------------------------------------------------------------------------------- /modules/argus3-ramon.module/racluster-Matrix.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/racluster-Matrix.conf -------------------------------------------------------------------------------- /modules/argus3-ramon.module/racluster-Svc.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/racluster-Svc.conf -------------------------------------------------------------------------------- /modules/argus3-ramon.module/racluster-TopN.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/argus3-ramon.module/racluster-TopN.conf -------------------------------------------------------------------------------- /modules/bro-ids-conn.module/bro-ids-conn: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-conn.module/bro-ids-conn -------------------------------------------------------------------------------- /modules/bro-ids-conn.module/bro.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-conn.module/bro.cfg -------------------------------------------------------------------------------- /modules/bro-ids-conn.module/defaults: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /modules/bro-ids-conn.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-conn.module/description -------------------------------------------------------------------------------- /modules/bro-ids-conn.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-conn.module/info -------------------------------------------------------------------------------- /modules/bro-ids-protocol.module/bro-ids-protocol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-protocol.module/bro-ids-protocol -------------------------------------------------------------------------------- /modules/bro-ids-protocol.module/bro.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-protocol.module/bro.cfg -------------------------------------------------------------------------------- /modules/bro-ids-protocol.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-protocol.module/defaults -------------------------------------------------------------------------------- /modules/bro-ids-protocol.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-protocol.module/description -------------------------------------------------------------------------------- /modules/bro-ids-protocol.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-protocol.module/info -------------------------------------------------------------------------------- /modules/bro-ids-stream.module/bro-ids-stream: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-stream.module/bro-ids-stream -------------------------------------------------------------------------------- /modules/bro-ids-stream.module/bro.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-stream.module/bro.cfg -------------------------------------------------------------------------------- /modules/bro-ids-stream.module/defaults: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /modules/bro-ids-stream.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-stream.module/description -------------------------------------------------------------------------------- /modules/bro-ids-stream.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/bro-ids-stream.module/info -------------------------------------------------------------------------------- /modules/capinfos.module/capinfos: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/capinfos.module/capinfos -------------------------------------------------------------------------------- /modules/capinfos.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.capinfos -------------------------------------------------------------------------------- /modules/capinfos.module/description: -------------------------------------------------------------------------------- 1 | Extract information about a capture file -------------------------------------------------------------------------------- /modules/capinfos.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/capinfos.module/info -------------------------------------------------------------------------------- /modules/categories/IDS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/categories/IDS -------------------------------------------------------------------------------- /modules/categories/flow: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/categories/flow -------------------------------------------------------------------------------- /modules/categories/forensics: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/categories/forensics -------------------------------------------------------------------------------- /modules/categories/nsm: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /modules/categories/statistics: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/categories/statistics -------------------------------------------------------------------------------- /modules/categories/visualization: -------------------------------------------------------------------------------- 1 | afterglow 2 | flowtag 3 | -------------------------------------------------------------------------------- /modules/chaosreader.module/chaosreader: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/chaosreader.module/chaosreader -------------------------------------------------------------------------------- /modules/chaosreader.module/defaults: -------------------------------------------------------------------------------- 1 | OPTIONS=-v -------------------------------------------------------------------------------- /modules/chaosreader.module/description: -------------------------------------------------------------------------------- 1 | Trace TCP/UDP sessions and fetch application data -------------------------------------------------------------------------------- /modules/chaosreader.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/chaosreader.module/info -------------------------------------------------------------------------------- /modules/clamscan.module/clamscan: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/clamscan.module/clamscan -------------------------------------------------------------------------------- /modules/clamscan.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.clamscan 2 | EXTRACT_MODULE=tcpxtract -------------------------------------------------------------------------------- /modules/clamscan.module/description: -------------------------------------------------------------------------------- 1 | Scan extracted files for malware -------------------------------------------------------------------------------- /modules/clamscan.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/clamscan.module/info -------------------------------------------------------------------------------- /modules/dnstop.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/dnstop.module/defaults -------------------------------------------------------------------------------- /modules/dnstop.module/description: -------------------------------------------------------------------------------- 1 | Extract DNS query information from the pcap 2 | -------------------------------------------------------------------------------- /modules/dnstop.module/dnstop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/dnstop.module/dnstop -------------------------------------------------------------------------------- /modules/dnstop.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/dnstop.module/info -------------------------------------------------------------------------------- /modules/fl0p.module/defaults: -------------------------------------------------------------------------------- 1 | OPTIONS=-U 2 | OUTPUT_FILE=${PCAP_BASE}.fl0p -------------------------------------------------------------------------------- /modules/fl0p.module/description: -------------------------------------------------------------------------------- 1 | Analyze the flow of packets for fingerprints -------------------------------------------------------------------------------- /modules/fl0p.module/fl0p: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/fl0p.module/fl0p -------------------------------------------------------------------------------- /modules/fl0p.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/fl0p.module/info -------------------------------------------------------------------------------- /modules/flowtag.module/defaults: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /modules/flowtag.module/description: -------------------------------------------------------------------------------- 1 | Visualizes the flows of a pcap file -------------------------------------------------------------------------------- /modules/flowtag.module/flowtag: -------------------------------------------------------------------------------- 1 | flowtag -o ${OUTPUT_DIR} ${PCAP_FILE} & 2 | -------------------------------------------------------------------------------- /modules/flowtag.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/flowtag.module/info -------------------------------------------------------------------------------- /modules/flowtime.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/flowtime.module/defaults -------------------------------------------------------------------------------- /modules/flowtime.module/description: -------------------------------------------------------------------------------- 1 | Create a timeline for network traffic flows -------------------------------------------------------------------------------- /modules/flowtime.module/flowtime: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/flowtime.module/flowtime -------------------------------------------------------------------------------- /modules/flowtime.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/flowtime.module/info -------------------------------------------------------------------------------- /modules/foremost.module/defaults: -------------------------------------------------------------------------------- 1 | EXTRACT_TYPE=all 2 | FOREMOST_OPTS=-v -------------------------------------------------------------------------------- /modules/foremost.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/foremost.module/description -------------------------------------------------------------------------------- /modules/foremost.module/foremost: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/foremost.module/foremost -------------------------------------------------------------------------------- /modules/foremost.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/foremost.module/info -------------------------------------------------------------------------------- /modules/harimau.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.harimau -------------------------------------------------------------------------------- /modules/harimau.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/harimau.module/description -------------------------------------------------------------------------------- /modules/harimau.module/harimau: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/harimau.module/harimau -------------------------------------------------------------------------------- /modules/harimau.module/harimau.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/harimau.module/harimau.rb -------------------------------------------------------------------------------- /modules/harimau.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/harimau.module/info -------------------------------------------------------------------------------- /modules/harimau.module/pcapparser.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/harimau.module/pcapparser.rb -------------------------------------------------------------------------------- /modules/hash.module/defaults: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /modules/hash.module/description: -------------------------------------------------------------------------------- 1 | Create hashes of the pcap file 2 | -------------------------------------------------------------------------------- /modules/hash.module/hash: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/hash.module/hash -------------------------------------------------------------------------------- /modules/hash.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/hash.module/info -------------------------------------------------------------------------------- /modules/honeysnap.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/honeysnap.module/defaults -------------------------------------------------------------------------------- /modules/honeysnap.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/honeysnap.module/description -------------------------------------------------------------------------------- /modules/honeysnap.module/honeysnap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/honeysnap.module/honeysnap -------------------------------------------------------------------------------- /modules/honeysnap.module/honeysnap.cfg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/honeysnap.module/honeysnap.cfg -------------------------------------------------------------------------------- /modules/honeysnap.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/honeysnap.module/info -------------------------------------------------------------------------------- /modules/httpry.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.httpry 2 | -------------------------------------------------------------------------------- /modules/httpry.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/httpry.module/description -------------------------------------------------------------------------------- /modules/httpry.module/httpry: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/httpry.module/httpry -------------------------------------------------------------------------------- /modules/httpry.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/httpry.module/info -------------------------------------------------------------------------------- /modules/ip2asn.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.asn 2 | -------------------------------------------------------------------------------- /modules/ip2asn.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/ip2asn.module/description -------------------------------------------------------------------------------- /modules/ip2asn.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/ip2asn.module/info -------------------------------------------------------------------------------- /modules/ip2asn.module/ip2asn: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/ip2asn.module/ip2asn -------------------------------------------------------------------------------- /modules/ip2asn.module/ip2asn.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/ip2asn.module/ip2asn.rb -------------------------------------------------------------------------------- /modules/ip2asn.module/pcapparser.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/ip2asn.module/pcapparser.rb -------------------------------------------------------------------------------- /modules/iploc.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.iploc.csv -------------------------------------------------------------------------------- /modules/iploc.module/description: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/iploc.module/description -------------------------------------------------------------------------------- /modules/iploc.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/iploc.module/info -------------------------------------------------------------------------------- /modules/iploc.module/iploc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/iploc.module/iploc -------------------------------------------------------------------------------- /modules/ngrep.module/description: -------------------------------------------------------------------------------- 1 | Grep through pcap file for data 2 | -------------------------------------------------------------------------------- /modules/ngrep.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/ngrep.module/info -------------------------------------------------------------------------------- /modules/ngrep.module/ngrep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/ngrep.module/ngrep -------------------------------------------------------------------------------- /modules/p0f.module/defaults: -------------------------------------------------------------------------------- 1 | OPTIONS=-U 2 | OUTPUT_FILE=${PCAP_BASE}.p0f -------------------------------------------------------------------------------- /modules/p0f.module/description: -------------------------------------------------------------------------------- 1 | Passive OS fingerprinting -------------------------------------------------------------------------------- /modules/p0f.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/p0f.module/info -------------------------------------------------------------------------------- /modules/p0f.module/p0f: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/p0f.module/p0f -------------------------------------------------------------------------------- /modules/pads.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILENAME=${PCAP_BASE}.pads -------------------------------------------------------------------------------- /modules/pads.module/description: -------------------------------------------------------------------------------- 1 | Passive Asset Detection System -------------------------------------------------------------------------------- /modules/pads.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/pads.module/info -------------------------------------------------------------------------------- /modules/pads.module/pads: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/pads.module/pads -------------------------------------------------------------------------------- /modules/snort.module/classification.config: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/classification.config -------------------------------------------------------------------------------- /modules/snort.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/defaults -------------------------------------------------------------------------------- /modules/snort.module/description: -------------------------------------------------------------------------------- 1 | Generate snort alerts from a pcap file -------------------------------------------------------------------------------- /modules/snort.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/info -------------------------------------------------------------------------------- /modules/snort.module/reference.config: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/reference.config -------------------------------------------------------------------------------- /modules/snort.module/rules/LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/LICENSE -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-attack_response.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-attack_response.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-botcc-BLOCK.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-botcc-BLOCK.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-botcc.excluded: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-botcc.excluded -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-botcc.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-botcc.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-compromised-BLOCK.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-compromised-BLOCK.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-compromised.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-compromised.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-dos.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-dos.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-drop-BLOCK.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-drop-BLOCK.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-drop.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-drop.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-dshield-BLOCK.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-dshield-BLOCK.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-dshield.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-dshield.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-exploit.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-exploit.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-game.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-game.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-inappropriate.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-inappropriate.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-malware.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-malware.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-p2p.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-p2p.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-policy.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-policy.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-rbn-BLOCK.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-rbn-BLOCK.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-rbn.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-rbn.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-scan.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-scan.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-sid-msg.map: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-sid-msg.map -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-virus.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-virus.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-voip.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-voip.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-web.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-web.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding-web_sql_injection.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding-web_sql_injection.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding.conf -------------------------------------------------------------------------------- /modules/snort.module/rules/bleeding.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/bleeding.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-bot.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-bot.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-deleted.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-deleted.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-dos.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-dos.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-exploit.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-exploit.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-ftp.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-ftp.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-game.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-game.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-icmp.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-icmp.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-imap.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-imap.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-inappropriate.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-inappropriate.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-mail-client.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-mail-client.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-misc.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-misc.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-nntp.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-nntp.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-oracle.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-oracle.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-policy.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-policy.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-sip.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-sip.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-smtp.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-smtp.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-sql-injection.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-sql-injection.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-virus.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-virus.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-web-attacks.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-web-attacks.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-web-cgi.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-web-cgi.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-web-client.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-web-client.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-web-dos.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-web-dos.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-web-iis.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-web-iis.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-web-misc.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-web-misc.rules -------------------------------------------------------------------------------- /modules/snort.module/rules/community-web-php.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/rules/community-web-php.rules -------------------------------------------------------------------------------- /modules/snort.module/snort: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/snort -------------------------------------------------------------------------------- /modules/snort.module/snort.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/snort.conf -------------------------------------------------------------------------------- /modules/snort.module/unicode.map: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/snort.module/unicode.map -------------------------------------------------------------------------------- /modules/tcpdstat.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.tcpdstat -------------------------------------------------------------------------------- /modules/tcpdstat.module/description: -------------------------------------------------------------------------------- 1 | Extract statistics about a pcap file -------------------------------------------------------------------------------- /modules/tcpdstat.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpdstat.module/info -------------------------------------------------------------------------------- /modules/tcpdstat.module/tcpdstat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpdstat.module/tcpdstat -------------------------------------------------------------------------------- /modules/tcpflow.module/defaults: -------------------------------------------------------------------------------- 1 | OPTIONS=-v -------------------------------------------------------------------------------- /modules/tcpflow.module/description: -------------------------------------------------------------------------------- 1 | Extract flow information from a pcap file -------------------------------------------------------------------------------- /modules/tcpflow.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpflow.module/info -------------------------------------------------------------------------------- /modules/tcpflow.module/tcpflow: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpflow.module/tcpflow -------------------------------------------------------------------------------- /modules/tcpick.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpick.module/defaults -------------------------------------------------------------------------------- /modules/tcpick.module/description: -------------------------------------------------------------------------------- 1 | Generate traffic statistics and tcp stream files -------------------------------------------------------------------------------- /modules/tcpick.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpick.module/info -------------------------------------------------------------------------------- /modules/tcpick.module/tcpick: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpick.module/tcpick -------------------------------------------------------------------------------- /modules/tcptrace.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcptrace.module/defaults -------------------------------------------------------------------------------- /modules/tcptrace.module/description: -------------------------------------------------------------------------------- 1 | Perform trace analysis on the packet file -------------------------------------------------------------------------------- /modules/tcptrace.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcptrace.module/info -------------------------------------------------------------------------------- /modules/tcptrace.module/tcptrace: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcptrace.module/tcptrace -------------------------------------------------------------------------------- /modules/tcpxtract.module/defaults: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpxtract.module/defaults -------------------------------------------------------------------------------- /modules/tcpxtract.module/description: -------------------------------------------------------------------------------- 1 | Extract data files from a pcap session 2 | -------------------------------------------------------------------------------- /modules/tcpxtract.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpxtract.module/info -------------------------------------------------------------------------------- /modules/tcpxtract.module/rp-tcpxtract.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpxtract.module/rp-tcpxtract.conf -------------------------------------------------------------------------------- /modules/tcpxtract.module/tcpxtract: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpxtract.module/tcpxtract -------------------------------------------------------------------------------- /modules/tcpxtract.module/tcpxtract.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tcpxtract.module/tcpxtract.conf -------------------------------------------------------------------------------- /modules/trace-summary.module/defaults: -------------------------------------------------------------------------------- 1 | OPTS= 2 | OUTPUT_FILE=${PCAP_BASE}.trace 3 | -------------------------------------------------------------------------------- /modules/trace-summary.module/description: -------------------------------------------------------------------------------- 1 | Generate a breakdown of network traffic 2 | -------------------------------------------------------------------------------- /modules/trace-summary.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/trace-summary.module/info -------------------------------------------------------------------------------- /modules/trace-summary.module/trace-summary: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/trace-summary.module/trace-summary -------------------------------------------------------------------------------- /modules/trace-summary.module/trace-summary.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/trace-summary.module/trace-summary.py -------------------------------------------------------------------------------- /modules/tshark.module/defaults: -------------------------------------------------------------------------------- 1 | OPTIONS=-qzio,phs -n 2 | OUTPUT_FILE=${PCAP_BASE}.tshark -------------------------------------------------------------------------------- /modules/tshark.module/description: -------------------------------------------------------------------------------- 1 | Analyze network traffic -------------------------------------------------------------------------------- /modules/tshark.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tshark.module/info -------------------------------------------------------------------------------- /modules/tshark.module/tshark: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/tshark.module/tshark -------------------------------------------------------------------------------- /modules/yahsnarf.module/defaults: -------------------------------------------------------------------------------- 1 | OUTPUT_FILE=${PCAP_BASE}.yahoo 2 | -------------------------------------------------------------------------------- /modules/yahsnarf.module/description: -------------------------------------------------------------------------------- 1 | Extract Yahoo IM conversations from the pcap 2 | -------------------------------------------------------------------------------- /modules/yahsnarf.module/info: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/info -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/bit-struct.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/bit-struct.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/char-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/char-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/float-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/float-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/hex-octet-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/hex-octet-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/nested-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/nested-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/octet-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/octet-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/pad-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/pad-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/signed-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/signed-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/text-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/text-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/unsigned-field.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/unsigned-field.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/lib/bit-struct/yaml.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/lib/bit-struct/yaml.rb -------------------------------------------------------------------------------- /modules/yahsnarf.module/yahsnarf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/yahsnarf -------------------------------------------------------------------------------- /modules/yahsnarf.module/yahsnarf.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/modules/yahsnarf.module/yahsnarf.rb -------------------------------------------------------------------------------- /nsm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/nsm -------------------------------------------------------------------------------- /tags: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dakrone/nsm-console/HEAD/tags --------------------------------------------------------------------------------