Ferret-Sidejack
Ferret-sidejack monitors network traffic and extracts interesting data from it. It can feed data to the hamster tool or output to text files for analysis with indexers and grep.
Description
Ferret-sidejack is a network monitoring tool that extracts valuable information from captured traffic. It processes data in real time or from offline files, identifying noteworthy bits for further analysis.
One primary use case is piping output to the hamster tool for additional processing. Alternatively, users can dump the extracted data into text files and employ indexers or grep commands to search and analyze the content effectively.
The tool operates within the FERRET 3.0.1 framework, supporting both live sniffing and file-based analysis, making it versatile for cybersecurity investigations involving network data.
How It Works
Ferret-sidejack uses libpcap (or winpcap) to capture packets from network adapters in live mode or reads pcap files offline. It parses the traffic to identify and extract interesting data, which can be output for tools like hamster or saved as text for grep-based analysis. Built with libpcap version 1.10.5 supporting TPACKET_V3, it handles both wired and wireless sniffing.
Installation
sudo apt install ferret-sidejack
Flags
Examples
ferret-sidejack -h
ferret-sidejack -i eth0
ferret-sidejack -i wlan0
ferret-sidejack -r capture.pcap
ferret-sidejack -r *.pcap
ferret-sidejack -c config.txt
ferret-sidejack -i eth0 | hamster