Monitoring / Logging

What2Log – Logging is essential in computer security. Computer logs can tell someone everything they need to know about what happened on a particular machine at a particular time. Events can be strung together to create a timeline of several events that happened during a time period.

justniffer – Justniffer is a network protocol analyzer […]

Full Packet Capture / Forensic

ngrep – ngrep is like GNU grep applied to the network layer. It’s a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, […]