author | Emiliano Ciavatta | 2020-04-01 12:21:58 +0000 |
---|---|---|
committer | Emiliano Ciavatta | 2020-04-01 12:21:58 +0000 |
commit | 2b9ccbe76c6975fe7cd09a3260ba459d59b9970a (patch) | |
tree | 6eaf94a797261f2db0736d4abe999db219fcad7a /README.md |
Initial commit
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..8180132 --- /dev/null +++ b/README.md @@ -0,0 +1,9 @@ +# [WIP] Caronte + +<img align="left" src="https://divinacommedia.weebly.com/uploads/5/5/2/3/5523249/1299707879.jpg"> +Caronte is a tool to analyze the network flow during capture the flag events of type attack/defence. +It reassembles TCP packets captured in pcap files to rebuild TCP connections, and analyzes each connection to find user-defined patterns. +The patterns can be defined as regex or using protocol specific rules. +The connection flows are saved into a database and can be visualized with the web application. REST API are also provided. + +Packets can be captured locally on the same machine or can be imported remotely. The streams of bytes extracted from the TCP payload of packets are processed by [Hyperscan](https://github.com/intel/hyperscan), an high-performance regular expression matching library. // TODO
\ No newline at end of file |
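Review bot: the `<img>` tag on the third added line loads its image from a third-party host (divinacommedia.weebly.com) and has no `alt` attribute. Committing the image to the repository and referencing it by a relative path would keep the README from depending on an external site, and an `alt` text would cover the case where the image fails to load. In the last added line, "an high-performance" should read "a high-performance", and the trailing `// TODO` will render as literal text in the README, so remove it or track the open item elsewhere. "REST API are also provided" should be "REST APIs are also provided" or "A REST API is also provided". The file also ends without a trailing newline.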