JunkieTheSniffer

Junkie is a real-time packet sniffer and analyzer. It is modular enough to accomplish many different tasks, and it can be a helpful companion to the modern network administrator and analyst. Compared to previously available tools, Junkie lies in between tcpdump and Wireshark. Unlike tcpdump, its purpose is to parse protocols of any depth; unlike Wireshark, though, it is designed to analyze traffic in real time and so cannot parse traffic as exhaustively as Wireshark does. In addition, its design emphasizes extensibility and speed. It has a plug-in system and a high-level extension language that ease the development and combination of new functionalities; threaded packet capture and analysis for handling high-bandwidth networks; and a modular architecture to ease the addition of any protocol layer. It is based on libpcap for portability, and is well tested in professional settings.

Recent releases

  •  14 Oct 2013 12:25

    Release Notes: This release fixes several file descriptor leaks and a segfault in openssl when decoding unknown cipher suites.

  •  27 Sep 2013 09:38

    Release Notes: This release fixes handling of the Session Tickets TLS extension and TLS decryption of the Camellia cipher suite.

  •  20 Sep 2013 09:09

    Release Notes: This release fixes various bugs.

  •  05 Sep 2013 13:47

    Release Notes: A new Delayogram plugin to visualize ack delays. A new -f option to set the next capture filters from the command line. Support for Eth QinQ(inQ...) and the DHCP protocol. Autodiscovery of IRC, Jabber, VNC, CIFS, PCanywhere, Citrix, telnet, BGP, IMAP, POP, and NTP.

  •  19 Jun 2013 09:41

    Release Notes: This release adds a new parser for TLS (with optional decryption a la ssldump) and SKINNY protocols, reordering of all TCP traffic by default, and a new interactive plugin, NetTop, to display a top of current flows.

Recent comments

02 Oct 2013 11:53 rixed

@mwakio: the source code is hosted on GitHub, here: https://github.com/securactive/junkie

02 Oct 2013 11:34 mwakio

How can I view the source code?

20 Apr 2013 11:39 rixed

Hi. There is no support for MAP nor any other GSM family protocol, but I suppose it should be possible to do so, although these are better served by a generic ASN.1 decoder (BER variant IIRC).
Not really hard to add but we have no motivation nor test equipment for GSM :-)

06 Nov 2012 01:48 fadjar340

Hi..

Is it possible to parse the GSM MAP protocol, or other GSM protocols, from pcap or a network device?

Fadjar
