Junkie is a real-time packet sniffer and analyzer. It is modular enough to accomplish many different tasks. It can be a helpful companion to the modern network administrator and analyst. Compared to previously available tools, junkie lies in between tcpdump and wireshark. Unlike tcpdump, its purpose is to parse protocols of any depth; unlike wireshark, though, it is designed to analyze traffic in real-time and so cannot parse traffic as exhaustively as wireshark does. In addition, its design encompasses extendability and speed. It has a plug-in system and high-level extension language that eases the development and combination of new functionalities; threaded packet capture and analysis for handling of high bandwidth networks; and a modular architecture to ease the addition of any protocol layer. It is based on libpcap for portability, and well-tested on professional settings.
@mwakio: the sourcecode is hosted in github, here: https://github.com/securactive/junkie
Hi. There is no support for MAP nor any other GSM family protocol, but I suppose it should be possible to do so, although these are better served by a generic ASN.1 decoder (BER variant IIRC).
Not really hard to add but we have no motivation nor test equipment for GSM :-)