PcapsE-OS X is a wrapper of tcpreplay directly integrated on Mac OS X Mavericks 10.9.3 for the execution of caps files that generate simulated malware traffic to test IDS Mac OS X based or redirecting simulated malware traffic on the interface of the IDS to other devices that perform correlation of events. Options:(1) Chat (2) Unix (3) Microsoft (4) Mac OS X (5) Network (6) DHCP (7) Firewalls (8) Routers (9) Proxy (10) Switches (11) HTTP (12) HTTPS (13) DNS (14) SW (15) Nessus (16) Tacacs+ (17) Vmware (18) Backdoors (19) Citrix (20) Mail (21) P2P (22) SQL (23) Web (24) XSS (25) Exploits (26) Xprobe (27) Nmap (28) Telnet (29) SSH (30) FTP (31) Vnc (32) Radius (33) Tor (34) Malware (35) DoS (36) Botnet (37) Openssl (38) Run cap (39) Malware News (40) Updates 2013-2014 pcaps (41) Updates 2015 pcaps.

Features

  • PcapsE-OS X is a wrapper of tcpreplay directly integrated on Mac OS X Mavericks 10.9.3 for the execution of caps files that generate simulated malware traffic to test IDS Mac OS X based or redirecting simulated malware traffic on the interface of the IDS to other devices that perform correlation of events to test effectiveness. You need install libnet and tcpreplay. Libnet: sudo port install libnet11 @1.1.6_2 and install tcpreplay-4.0.4.tar.gz and MonoFramework-MRE-2.10.11.macos10.xamarin.x86 that empowering Common Language Runtime on Mac OS X. PcapsE-OS X must be installed on the same platform that is hosting the IDS and all the traffic generated by PcapsE-OS X should be directed to the IDS interface in order to test the effectiveness or the effectiveness of devices that performing correlation of events redirecting simulated malware traffic on the interface of the IDS to these devices. In Figure 2 and 3 show the use of PcapsE-OS X and the next step of packet capture with Wireshark. In Figure 3 in order to illustrate the use of PcapsE-OS X is the comparison between the malware traffic sniffed of the caps executed with the corresponding malware traffic contents in file .cap that i have renamed in file .pcap because Wireshark read only files with extension .pcap. Note: For run PcapsE-OS X you need to be root. The update source option 39 is Malware-Traffic-Analysis. Install Rename.dmg contents in PcapsE-OS X v.1.0.tgz and use the program Rename to change the extension of files .pcap in files .cap and read instructions for configuration of Mac OS X Syslogd.

Project Samples

Menu Directories Run and Sniffing cap

Project Activity

See All Activity >

Categories

Networking

License

Affero GNU Public License

Follow PcapsE-OS X

PcapsE-OS X Web Site

You Might Also Like
Achieve perfect load balancing with a flexible Open Source Load Balancer Icon
Achieve perfect load balancing with a flexible Open Source Load Balancer

Take advantage of Open Source Load Balancer to elevate your business security and IT infrastructure with a custom ADC Solution.

Boost application security and continuity with SKUDONET ADC, our Open Source Load Balancer, that maximizes IT infrastructure flexibility. Additionally, save up to $470 K per incident with AI and SKUDONET solutions, further enhancing your organization’s risk management and cost-efficiency strategies.
Learn More
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of PcapsE-OS X!

Additional Project Details

Operating Systems

Linux, BSD

Intended Audience

Security Professionals

Registered

2014-06-04
Report inappropriate content