Packet-o-matic NG

Packet-o-matic NG aka pom-ng is the new generation of packet-o-matic. It is a complete rewrite based on the previous version with improved architectural design and packet processing. Notable new features are multi-input support and multi-thread processing.

If you are looking for documentation about the old version of packet-o-matic, see here.

General

  • Installation : Step-by-step installation procedure
  • Getting started : Beginner's guide to pom-ng
  • DOCSIS : Notes about sniffing DOCSIS streams
  • Core : Documentation of pom-ng's core, including command line parameters and global parameters
  • Events : List of all events that can be generated
  • Lua : Lua API documentation
  • Roadmap : Roadmap for pom-ng
  • Features wishlist : Add the feature you'd like to see here!
  • Troubleshooting : Troubleshooting steps for various problems

Modules

Here is a list of available modules.

Input

  • docsis : Read DOCSIS packets from a digital TV card
  • docsis_scan : Scan for DOCSIS streams using a digital TV card
  • dvb_atsc : Read MPEG-TS packets from an ATSC/QAM card
  • dvb_c : Read MPEG-TS packets from a DVB-C card aka digital TV card
  • dvb_device : Read MPEG-TS packets from a DVB device, used only for specific cards with proprietary drivers
  • dvb_s : Read MPEG-TS packets from a DVB-S device aka satellite card
  • kismet_drone : Connect to a Kismet drone
  • pcap_dir : Read packets from pcap files in a directory
  • pcap_file : Read packets from a pcap file
  • pcap_interface : Read packets from a network card

Output

  • file : Save parsed payloads into files
  • inject : Inject packets to an interface
  • log_txt : Save events into plain text files according to a template
  • log_xml : Save events into XML files
  • pcap_file : Save packets into pcap files
  • pcap_flow : Save connections into separate pcap files
  • tap : Dumps packets to a virtual tap interface

Addons output

  • http_cookies : Dump HTTP session cookies in a text file
  • http_media : Dump HTTP images or video and create an Apache-like log for each file
  • http_searches : Dump searches performed on web sites based on a regex
  • wallofsheep : Dump all the clear-text passwords found into a text file

Protocol

  • 80211 : Parse 802.11 aka wireless frames
  • arp : Parse ARP packets
  • dns : Parse DNS packets
  • docsis : Parse DOCSIS aka cable modem packets
  • docsis_mgmt : Parse DOCSIS management packets
  • ethernet : Parse ethernet frames
  • gre : Parse GRE packets
  • http : Parse the HTTP protocol
  • icmp : Parse ICMP packets
  • icmp6 : Parse ICMPv6 packets
  • imap : Parse IMAP packets
  • ipv4 : Parse IP (version 4) packets
  • ipv6 : Parse IPv6 packets
  • mpeg_dvb_mpe : Parse DVB MPE (Multi Protocol Encapsulation) packets found in MPEG traffic
  • mpeg_sect : Parse MPEG section packets
  • mpeg_ts : Parse MPEG-TS packets as defined in ISO/IEC 13818-1 or ITU-T Rec. H.222.0
  • ppp : Parse PPP packets
  • ppp_chap : Parse PPP-CHAP packets
  • ppp_pap : Parse PPP-PAP packets
  • pppoe : Parse PPPoE packets
  • radiotap : Parse radiotap packets used for encapsulating wireless (802.11) frames
  • rtp : Parse RTP packets
  • sip : Parse SIP packets
  • smtp : Parse the SMTP protocol
  • tcp : Parse TCP packets
  • tftp : Parse TFTP packets
  • udp : Parse UDP datagrams
  • vlan : Parse VLAN aka 802.1q packets

Analyzer

  • arp : Analyze ARP packets
  • dns : Analyze DNS packets
  • docsis : Analyze DOCSIS packets
  • dtmf : Analyze DTMF events in SIP sessions
  • gif : Analyze GIF images
  • http : Analyze HTTP connections
  • http_post : Analyze HTTP POST payloads (form-urlencoded)
  • imap : Analyze IMAP packets
  • jpeg : Analyze JPEG images
  • multipart : Analyze MIME multipart payloads
  • png : Analyze PNG images
  • ppp_chap : Analyze PPP-CHAP events
  • ppp_pap : Analyze PPP-PAP events
  • rfc822 : Analyze RFC822 messages
  • rtp : Analyze RTP streams
  • sdp : Analyze SDP describing media sessions
  • sip : Analyze SIP messages and sessions
  • smtp : Analyze SMTP connections
  • tftp : Analyze TFTP packets

Datastore

start.txt · Last modified: 2020/05/26 21:59 by 127.0.0.1