Satori

From Forensics Wiki
Revision as of 22:24, 13 March 2013 by Xnih (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Satori performs passive OS identification on any packets it sees. It can parse and utilize the following packet types: DHCP, TCP (syn and syn/ack), ICMP, SMB, CDP, plus many others. It can be found at http://chatteronthewire.org