tescat

package module

v0.0.0-...-09e401d Latest Latest Go to latest Published: Aug 7, 2015 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kevinmahaffey/tescat

Links

Open Source Insights

README ¶

Tescat
======

This tool analyzes UDP packets being broadcast on a specified port to the local network or from a PCAP file. It will identify packets that are unique since the start of the process.

Tescat is especially useful when you're analyzing a network with a large amount of baseline traffic that does not vary frequently and you want to identify anomalies some time after the initial baseline.

This was developed while auditing the internal LAN on the Tesla Model S.

Installation
------------
```
  go get github.com/kevinmahaffey/tescat
  go build src/github.com/kevinmahaffey/tescat/cmd/tescat.go
```
Running
-------
  
  Listen for UDP traffic destined to a given port
```
  ./tescat -p 20100
```

  Process UDP data from a pcap file looking for packets destined to a given port
```
  ./tescat -f mypcap.pcap -p 20100
```

Documentation ¶

Index ¶

type Capture
- func NewCapture() (c *Capture, err error)
- func (c *Capture) StartFromPCAP(file string, port int) (err error)
- func (c *Capture) StartFromUDP(port int) (err error)
type Message
- func NewHexMessage(messageType uint8, opCode uint8, hexData string) (m *Message, err error)
- func NewRawMessage(data []byte) (m *Message)
- func (m *Message) Bytes() []byte
- func (m *Message) String() string

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Capture ¶

type Capture struct {
	// contains filtered or unexported fields
}

func NewCapture ¶

func NewCapture() (c *Capture, err error)

func (*Capture) StartFromPCAP ¶

func (c *Capture) StartFromPCAP(file string, port int) (err error)

func (*Capture) StartFromUDP ¶

func (c *Capture) StartFromUDP(port int) (err error)

type Message ¶

type Message struct {
	Type    uint8
	Opcode  uint8
	Data    []byte
	Unknown []byte
}

func NewHexMessage ¶

func NewHexMessage(messageType uint8, opCode uint8, hexData string) (m *Message, err error)

func NewRawMessage ¶

func NewRawMessage(data []byte) (m *Message)

func (*Message) Bytes ¶

func (m *Message) Bytes() []byte

func (*Message) String ¶

func (m *Message) String() string

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL