Projects

PCAP Tools


I created these tools for two reasons: to learn C, and to hopefully start writing some good code for network/system forensics. The tools parse PCAP/tcpdump files using the WinPcap library. To use the tools, you will need to install the PCAP library on your system.
NOTE: The tools have only been tested on Windows XP/7.

  • PCAP_AppleTV - Pulls AppleTV search strings.
  • PCAP_Dump - Mostly just test code and useless.
  • PCAP_getpost - Dumps all HTTP/1.1 GET and POST requests.
  • PCAP_regex - Allows you to perform a regex search on the packets; basically a very basic ngrep.

SVN/Download
More Info

Changes

downtime -- 4 file(s) modified
Added pcap files to the ignore list.
~ /trunk/pcap_appletv
~ /trunk/pcap_dump
~ /trunk/pcap_getpost
~ /trunk/pcap_regex


downtime -- 34 file(s) modified
Initial repository upload
+ /trunk/pcap_appletv
+ /trunk/pcap_appletv/epoch_to_date.c
+ /trunk/pcap_appletv/hex_to_ascii.c
+ /trunk/pcap_appletv/main.c
+ /trunk/pcap_appletv/Makefile.win
+ /trunk/pcap_appletv/pcap.bat
+ /trunk/pcap_appletv/pcap_appletv.dev
+ /trunk/pcap_appletv/pcap_appletv.exe
+ /trunk/pcap_appletv/regex2.dll
+ /trunk/pcap_dump
+ /trunk/pcap_dump/hex_to_ascii.c
+ /trunk/pcap_dump/main.c
+ /trunk/pcap_dump/Makefile.win
+ /trunk/pcap_dump/pcap.bat
+ /trunk/pcap_dump/pcap_test.dev
+ /trunk/pcap_dump/pcap_test.exe
+ /trunk/pcap_dump/pcap_test.layout
+ /trunk/pcap_getpost
+ /trunk/pcap_getpost/epoch_to_date.c
+ /trunk/pcap_getpost/hex_to_ascii.c
+ /trunk/pcap_getpost/main.c
+ /trunk/pcap_getpost/Makefile.win
+ /trunk/pcap_getpost/pcap.bat
+ /trunk/pcap_getpost/pcap_getpost.dev
+ /trunk/pcap_getpost/pcap_getpost.exe
+ /trunk/pcap_getpost/regex2.dll
+ /trunk/pcap_regex
+ /trunk/pcap_regex/epoch_to_date.c
+ /trunk/pcap_regex/hex_to_ascii.c
+ /trunk/pcap_regex/main.c
+ /trunk/pcap_regex/Makefile.win
+ /trunk/pcap_regex/pcap.bat
+ /trunk/pcap_regex/pcap_regex.dev
+ /trunk/pcap_regex/regex2.dll


downtime -- 3 file(s) modified
Initial repository structure
+ /branches
+ /tags
+ /trunk

