Satori

From ForensicsWiki
Revision as of 22:58, 27 November 2008 by Xnih (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Satori performs passive OS identification on any packets it sees. It can parse and utilize the following packet types: DHCP, TCP (syn and syn/ack), ICMP, SMB, CDP, plus many others. It can be found at http://myweb.cableone.net/xnih