Martin Hauke
mnhauke
Involved Projects and Packages
Osmocom SIMtrace 2 is a software and hardware system for passively
tracing SIM-ME communication between the SIM card and the mobile phone,
and remote SIM operation.
This package contains SIMtrace 2 host utility.
Sipp is a performance testing tool for the SIP protocol. Its main features are
basic SIPStone scenarios, TCP/UDP transport, customizable (xml based) scenarios,
dynamic adjustement of call-rate and a comprehensive set of real-time
statistics.
Sipsak is a small command line tool for developers and administrators
of Session Initiation Protocol (SIP) applications. It can be used for
some simple tests on SIP applications and devices, including sending
OPTIONS requests, sending text files with SIP requests, traceroute,
user location test, flooding test, etc
sngrep displays SIP Messages grouped by Call-Id into flow
diagrams. It can be used as an offline pcap viewer or online
capture using libpcap functions.
It supports SIP UDP and TCP transports (when each message is
delivered in one packet).
Open source implementation of the STUN protocol (Session Traversal
Utilities for NAT) as specified in RFCs 5389, 5769, and 5780.
It also includes backwards compatibility for RFC 3489. It includes
a high performance STUN server, and a client application.
ISDN Q.921/Q.931 D-channel decoder / protocol analyzer.
Supported sources:
* ISDN4Linux (procfs)
* mISDN (socket)
* Cisco AS (file) 'debug isdn q931'/'debug isdn q921'
* Ascend (Lucent) MAX (file)
* Asterisk (file) 'pri set debug ...'
* Auerswald PBXs (TCP)
* monsoft watchS0 isdn-analyzer (file)
See README for more details.
Yet Another Telephone Engine
Yate is a telephony engine designed to implement PBX and IVR solutions
for small to large scale projects.
This module implements a 2G GSM BTS for Yate.
At least one transceiver package must also be installed for
interfacing with the hardware.
Utility for setting RTC based on gpsd time.
A full-featured implementation of the Network Time Protocol,
including support for NTS (Network Time Security).
It includes both client and server support.
ntpperf simulates NTP clients or PTP slaves sending requests at an increasing
rate and prints how many responses were received and lost. If the computer
running ntpperf has an accurate clock and the network delay to the server/master
is constant and known (e.g. there is a direct connection), it can also show
how does the accuracy of the transmit timestamp change with increasing rate of
requests.
ntpperf generates and processes raw Ethernet frames using libpcap. Requests from
the simulated clients/slaves have source addresses from a specified private
IPv4 network. The server/master and/or network needs to be configured to route
the responses to the computer running ntpperf, which should drop them (ideally
in the raw table of iptables to minimize the time wasted in the networking stack).
Network Time Security (NTS) support using the gnutls library can be enabled by
setting the NTPPERF_NTS environment variable for the build.
Userland tools to test Linux kernel PPS API. See Documentations/pps/pps.txt
for reference.
The Swiss Army knife for WiFi, Bluetooth Low Energy, wireless HID hijacking and
Ethernet networks reconnaissance and MITM attacks.
Bit-Twist is a simple yet powerful libpcap-based Ethernet packet generator.
It is designed to complement tcpdump, which by itself has done a great job
at capturing network traffic.
With Bit-Twist, you can now regenerate your captured traffic onto a live
network!
Packets are generated from tcpdump trace file (.pcap file).
Bit-Twist also comes with a comprehensive trace file editor to allow you to
change the contents of a trace file.
Generally, packet generator is useful in simulating networking traffic or
scenario, testing firewall, IDS, and IPS, and troubleshooting various network
problems.
bmon is a portable bandwidth monitor and rate estimator. It supports various
input methods for different architectures. Various output modes exist,
including an interactive curses interface, lightweight HTML output, and simple
ASCII output. Statistics may be distributed over a network using multicast or
unicast and collected at some point to generate a summary of statistics for a
set of nodes.
A network testing tool for access and routing protocols. It can emulate
massive PPPoE and IPoE (DHCP) subscribers including IPTV, and L2TP (LNS).
There are various routing protocols supported like ISIS and BGP.
So you can use it for end-to-end BNG and non-BNG router testing.
You can use the included traffic generator for forwarding verification,
QoS testing or to measure convergence times. The traffic generator supports
millions of separate tracked flows. This allows you to verify every single
forwarding state of a full feed internet routing table. You can also send
traffic to every single QoS queue of your service edge router.
The following helper tools are also provided:
* bngblaster-cli
Python script to interact with the BNG Blaster control socket JSON RPC API.
* bgpupdate
Python script to generate BGP RAW update streams for use with
the BNG Blaster.
https://rtbrick.github.io/bngblaster/
A console based wireshark like protocol analyzer.
It is using libwireshark for the protocol dissection.
Ditto is a small tool that accepts a domain name as input and
generates all its variants for an homograph attack as output,
checking which ones are available and which are already
registered.
Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner.
It keeps SSH clients locked up for hours or even days at at time. The purpose
is to put your real SSH server on another port and then let the script kiddies
get stuck in this tarpit instead of bothering a real server.
Since the tarpit is in the banner before any cryptographic exchange occurs,this
program doesn't depend on any cryptographic libraries. It's a simple,
single-threaded, standalone C program. It uses poll() to trap multiple clients
at a time.
Forced browsing is an attack where the aim is to enumerate and access
resources that are not referenced by the web application, but are
still accessible by an attacker.
feroxbuster uses brute force combined with a wordlist to search for
unlinked content in target directories. These resources may store
sensitive information about web applications and operational systems,
such as source code, credentials, internal network addressing, etc...
This attack is also known as Predictable Resource Location, File
Enumeration, Directory Enumeration, and Resource Enumeration.
