Packet-o-matic NG
Packet-o-matic NG aka pom-ng is the new generation of packet-o-matic. It is a complete rewrite based on the previous version with improved architectural design and packet processing. Notable new features are multi-input support and multi-thread processing.
If you are looking for documentation about the old version of packet-o-matic, see here.
General
- Installation : Step by step installation procedure
- Getting started : Beginner's guide to pom-ng
- DOCSIS : Notes about sniffing DOCSIS streams
- Core : Documentation of pom-ng's core, including command line parameters and global parameters
- Events : List of all events that can be generated
- Lua : Lua API documentation
- Roadmap : Roadmap for pom-ng
- Features wishlist : Add the feature you'd like to see here!
- Troubleshooting : Troubleshooting steps for various problems
Modules
Here is a list of available modules.
Input
- docsis : Read DOCSIS packets from a digital TV card
- docsis_scan : Scan for DOCSIS streams using a digital TV card
- dvb_atsc : Read MPEG-TS packets from an ATSC/QAM card
- dvb_c : Read MPEG-TS packets from a DVB-C card aka digital TV card
- dvb_device : Read MPEG-TS packets from a DVB device, used only for specific cards with proprietary drivers
- dvb_s : Read MPEG-TS packets from a DVB-S device aka satellite card
- kismet_drone : Connect to a Kismet drone
- pcap_dir : Read packets from pcap files in a directory
- pcap_file : Read packets from a pcap file
- pcap_interface : Read packets from a network card
Output
- file : Save parsed payloads into files
- inject : Inject packets to an interface
- log_txt : Save events into plain text files according to a template
- log_xml : Save events into XML files
- pcap_file : Save packets into pcap files
- pcap_flow : Save connections into separate pcap files
- tap : Dump packets to a virtual tap interface
Addons output
- http_cookies : Dump HTTP session cookies in a text file
- http_media : Dump HTTP images or video and create an Apache-like log for each file
- http_searches : Dump searches performed on web sites based on a regex
- wallofsheep : Dump all the clear-text passwords found into a text file
Protocol
- 80211 : Parse 802.11 aka wireless frames
- arp : Parse ARP packets
- dns : Parse DNS packets
- docsis : Parse DOCSIS aka cable modem packets
- docsis_mgmt : Parse DOCSIS management packets
- ethernet : Parse ethernet frames
- gre : Parse GRE packets
- http : Parse the HTTP protocol
- icmp : Parse ICMP packets
- icmp6 : Parse ICMPv6 packets
- imap : Parse IMAP packets
- ipv4 : Parse IP (version 4) packets
- ipv6 : Parse IPv6 packets
- mpeg_dvb_mpe : Parse DVB MPE (Multi Protocol Encapsulation) packets found in MPEG traffic
- mpeg_sect : Parse MPEG section packets
- mpeg_ts : Parse MPEG-TS packets as defined in ISO/IEC 13818-1 or ITU-T Rec. H.222.0
- ppp : Parse PPP packets
- ppp_chap : Parse PPP-CHAP packets
- ppp_pap : Parse PPP-PAP packets
- pppoe : Parse PPPoE packets
- radiotap : Parse radiotap packets used for encapsulating wireless (802.11) frames
- rtp : Parse RTP packets
- sip : Parse SIP packets
- smtp : Parse the SMTP protocol
- tcp : Parse TCP packets
- tftp : Parse TFTP packets
- udp : Parse UDP datagrams
- vlan : Parse VLAN aka 802.1q packets
Analyzer
- arp : Analyze ARP packets
- dns : Analyze DNS packets
- docsis : Analyze DOCSIS packets
- dtmf : Analyze DTMF events in SIP sessions
- gif : Analyze GIF images
- http : Analyze HTTP connections
- http_post : Analyze HTTP POST payloads (form-urlencoded)
- imap : Analyze IMAP packets
- jpeg : Analyze JPEG images
- multipart : Analyze MIME multipart payloads
- png : Analyze PNG images
- ppp_chap : Analyze PPP-CHAP events
- ppp_pap : Analyze PPP-PAP events
- rfc822 : Analyze RFC822 messages
- rtp : Analyze RTP streams
- sdp : Analyze SDP describing media sessions
- sip : Analyze SIP messages and sessions
- smtp : Analyze SMTP connections
- tftp : Analyze TFTP packets
Datastore
start.txt · Last modified: 2020/05/26 21:59 by 127.0.0.1