Dshell

Dshell is a network forensic analysis framework. It enables rapid development of plugins to support the dissection of network packet captures.

It is an extensible network forensic analysis framework that enables rapid development of plugins to support various protocols.


Features

  • Collecting TFTP data and converting alerts to JSON format
  • Decoding traffic using various plugins
  • Running plugins within separate Python scripts

Plugins

  • Supports various protocols, including TFTP
  • Can be developed and integrated into the framework
  • Allows for customization of plugin-specific arguments

Usage

  • Run the decode main function with all other arguments
  • Specify the files to analyze using the files argument
  • Define plugin-specific arguments using the plugin_args argument
  • Run plugins within separate Python scripts using the DshellPlugin class

Output

  • JSON format alerts for TFTP traffic
  • Customizable output based on plugin-specific settings



