PcapsE-OS X is a wrapper of tcpreplay directly integrated on Mac OS X Mavericks 10.9.3 for the execution of caps files that generate simulated malware traffic to test IDS Mac OS X based or redirecting simulated malware traffic on the interface of the IDS to other devices that perform correlation of events. Options:(1) Chat (2) Unix (3) Microsoft (4) Mac OS X (5) Network (6) DHCP (7) Firewalls (8) Routers (9) Proxy (10) Switches (11) HTTP (12) HTTPS (13) DNS (14) SW (15) Nessus (16) Tacacs+ (17) Vmware (18) Backdoors (19) Citrix (20) Mail (21) P2P (22) SQL (23) Web (24) XSS (25) Exploits (26) Xprobe (27) Nmap (28) Telnet (29) SSH (30) FTP (31) Vnc (32) Radius (33) Tor (34) Malware (35) DoS (36) Botnet (37) Openssl (38) Run cap (39) Malware News (40) Updates 2013-2014 pcaps (41) Updates 2015 pcaps.

Features

  • PcapsE-OS X is a wrapper of tcpreplay directly integrated on Mac OS X Mavericks 10.9.3 for the execution of caps files that generate simulated malware traffic to test IDS Mac OS X based or redirecting simulated malware traffic on the interface of the IDS to other devices that perform correlation of events to test effectiveness. You need install libnet and tcpreplay. Libnet: sudo port install libnet11 @1.1.6_2 and install tcpreplay-4.0.4.tar.gz and MonoFramework-MRE-2.10.11.macos10.xamarin.x86 that empowering Common Language Runtime on Mac OS X. PcapsE-OS X must be installed on the same platform that is hosting the IDS and all the traffic generated by PcapsE-OS X should be directed to the IDS interface in order to test the effectiveness or the effectiveness of devices that performing correlation of events redirecting simulated malware traffic on the interface of the IDS to these devices. In Figure 2 and 3 show the use of PcapsE-OS X and the next step of packet capture with Wireshark. In Figure 3 in order to illustrate the use of PcapsE-OS X is the comparison between the malware traffic sniffed of the caps executed with the corresponding malware traffic contents in file .cap that i have renamed in file .pcap because Wireshark read only files with extension .pcap. Note: For run PcapsE-OS X you need to be root. The update source option 39 is Malware-Traffic-Analysis. Install Rename.dmg contents in PcapsE-OS X v.1.0.tgz and use the program Rename to change the extension of files .pcap in files .cap and read instructions for configuration of Mac OS X Syslogd.

Project Samples

Menu Directories Run and Sniffing cap

Project Activity

See All Activity >

Categories

Networking

License

Affero GNU Public License

Follow PcapsE-OS X

PcapsE-OS X Web Site

Other Useful Business Software
Our Free Plans just got better! | Auth0 Icon
Our Free Plans just got better! | Auth0

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
Try free now
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of PcapsE-OS X!

Additional Project Details

Operating Systems

BSD, Linux

Intended Audience

Security Professionals

Registered

2014-06-04
Report inappropriate content