Script Library
Sample scripts to help you get started with Unsniff Scripting
|
The Unsniff Scripting API allows you to write powerful snippets of Ruby or VBScript to accomplish very specific tasks. You get full access to reconstruction, protocol field details, TCP sessions, even user objects via the scripting API. |
Select a category or scroll below for scripts
| General |
Simple scripts used to explore the Unsniff Scripting API, batch processing, and drilldowns |
| Import/Export |
Script to import/export various entities, some bulk import export |
| Protocol Specific |
Scripts specific to a protocol or family of protocols (eg. TCP, IP) |
| Advanced |
Advanced network analysis tools.
Mostly written in Ruby (with Fox-Ruby user interfaces) |
Category : General
[Back to top]
Category: Import/Export
[Back to top]
|
Purpose
|
Ruby, VBScript
|
|
Display all the fields for a given packet and layer
|
Ruby(dlayer.rb)
VBScript(dlayer.vbs)
|
|
Batch import several files in libpcap/tcpdump format into a single unsniff capture file. You may use wildcards to match libpcap files to be imported.
|
Ruby(batchimp.rb)
VBScript(batchimp.vbs)
|
|
Export a entire unsniff capture file to libpcap/tcdump format
|
Ruby(export1.rb)
VBScript(export1.vbs)
|
|
Export a selected session (TCP/IP) to a libpcap/tcpdump file
|
Ruby(export2.rb)
VBScript(export2.vbs)
|
|
Export individual packets to a libpcap/tcpdump file
|
Ruby(export3.rb)
VBScript(export3.vbs)
|
|
Import a libpcap/tcpdump file into a new Unsniff capture file
|
Ruby(import1.rb)
VBScript(import1.vbs)
|
|
Import a TCPDUMP file, then for each TCP Session in the file, reassemble and dump each direction of traffic into separate files.
Script is called xs.vbs (Xtract Sessions)
|
VBScript(xs.vbs) |
Category : Protocol Specific
[Back to top]
|
Purpose
|
Ruby, VBScript
|
Find out which HTTP servers set or received what cookies from browsers
|
Ruby(- na -)
VBScript (prcookie.vbs)
|
|
Print all segments in a stream (TCP Session)
|
Ruby(- na -)
VBScript(stmdrill.vbs)
|
|
Print a count of packets in a capture file (alternate version)
|
Ruby(- na -)
VBScript(tcount2.vbs)
|
|
Print all TCP port pairs in a capture file
|
Ruby(tcpports.rb)
VBScript(tcpports.vbs)
|
|
Print all TCP port pairs in a capture file (alternate version using the Find method)
|
Ruby(- na -)
VBScript(tcpports2.vbs)
|
|
Identify TCP/IP servers. Print the busiest servers by total bytes and connection. A TCP/IP server is one which is the target of a SYN packet.
|
Ruby(busyserver.rb)
VBScript(- na -)
|
[Back to top]
Category : Advanced
[Back to top]
|
Purpose
|
Ruby, VBScript
|
IAX2 Call Analysis [Article]
This tool is an offline IAX2 Call Analysis script. Run in on a IAX2 (Asterisk) capture to study QoS of each call in the file. It can do Call Bandwidth, Jitter, Interarrival Delay, Loss, and IAX2 Event analysis |
Ruby (iax2ana.rb) |
|
Packet Length Analysis [Article]
This tool draws a bar chart showing packet length distribution in a capture file
|
Ruby (lendist.rb)
|
|
UnleashCharts charting library
A open source Ruby Charting library project started by Unleash Networks
|
Ruby(UnleashCharts.rb)
|
|
Traffic Monitor [Article]
Draws a graph showing traffic (in bps) observed over time in a capture file
|
Ruby(trafmon.rb)
|
|
TCP Analysis [Article]
A comprehensive TCP analysis tool with over 6 charts. Includes detecting retransmission, duplicate acks, out of order segments, round trip time, and congestion analysis.
|
Ruby (anastm.rb)
|
[Back to top]
|
