PcapsE-OS X is a wrapper of tcpreplay directly integrated on Mac OS X Mavericks 10.9.3 for the execution of caps files that generate simulated malware traffic to test IDS Mac OS X based or redirecting simulated malware traffic on the interface of the IDS to other devices that perform correlation of events. Options:(1) Chat (2) Unix (3) Microsoft (4) Mac OS X (5) Network (6) DHCP (7) Firewalls (8) Routers (9) Proxy (10) Switches (11) HTTP (12) HTTPS (13) DNS (14) SW (15) Nessus (16) Tacacs+ (17) Vmware (18) Backdoors (19) Citrix (20) Mail (21) P2P (22) SQL (23) Web (24) XSS (25) Exploits (26) Xprobe (27) Nmap (28) Telnet (29) SSH (30) FTP (31) Vnc (32) Radius (33) Tor (34) Malware (35) DoS (36) Botnet (37) Openssl (38) Run cap (39) Malware News (40) Updates 2013-2014 pcaps (41) Updates 2015 pcaps.

Features

  • PcapsE-OS X is a wrapper of tcpreplay directly integrated on Mac OS X Mavericks 10.9.3 for the execution of caps files that generate simulated malware traffic to test IDS Mac OS X based or redirecting simulated malware traffic on the interface of the IDS to other devices that perform correlation of events to test effectiveness. You need install libnet and tcpreplay. Libnet: sudo port install libnet11 @1.1.6_2 and install tcpreplay-4.0.4.tar.gz and MonoFramework-MRE-2.10.11.macos10.xamarin.x86 that empowering Common Language Runtime on Mac OS X. PcapsE-OS X must be installed on the same platform that is hosting the IDS and all the traffic generated by PcapsE-OS X should be directed to the IDS interface in order to test the effectiveness or the effectiveness of devices that performing correlation of events redirecting simulated malware traffic on the interface of the IDS to these devices. In Figure 2 and 3 show the use of PcapsE-OS X and the next step of packet capture with Wireshark. In Figure 3 in order to illustrate the use of PcapsE-OS X is the comparison between the malware traffic sniffed of the caps executed with the corresponding malware traffic contents in file .cap that i have renamed in file .pcap because Wireshark read only files with extension .pcap. Note: For run PcapsE-OS X you need to be root. The update source option 39 is Malware-Traffic-Analysis. Install Rename.dmg contents in PcapsE-OS X v.1.0.tgz and use the program Rename to change the extension of files .pcap in files .cap and read instructions for configuration of Mac OS X Syslogd.

Project Samples

Menu Directories Run and Sniffing cap

Project Activity

See All Activity >

Categories

Networking

License

Affero GNU Public License

Follow PcapsE-OS X

PcapsE-OS X Web Site

Other Useful Business Software
MongoDB Atlas runs apps anywhere Icon
MongoDB Atlas runs apps anywhere

Deploy in 115+ regions with the modern database for every enterprise.

MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
Start Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of PcapsE-OS X!

Additional Project Details

Operating Systems

BSD, Linux

Intended Audience

Security Professionals

Registered

2014-06-04
Report inappropriate content