Visual Network and File Forensics using Rudra

By Ankur Tyagi on 06 Aug 2016 @ Defcon : DemoLabs
💻 Source Code 📹 Video 🔗 Link
#blueteam #reconnaissance #forensics
Focus Areas: Security Operations & Defense , Incident Response , Penetration Testing
This tool demo covers the following tools, which the speaker has authored or contributed to:
RUDRA

Presentation Material

Abstract

Rudra aims to provide a developer-friendly framework for exhaustive analysis of pcap files (later versions will support more file types). It scans pcaps and generates reports that include each pcap's structural properties, entropy visualization, compression ratio, theoretical minimum size, etc. These metrics help identify the type of data embedded in network flows and, combined with flow statistics such as protocol, Yara and shellcode matches, help an analyst quickly decide whether a test file deserves further investigation.
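The abstract lists three of the per-payload measurements Rudra reports (entropy, compression ratio, theoretical minimum size) and the idea of an entropy profile across a flow. The block below is an added illustration of how those measurements are computed and used to triage payload content; it is not Rudra's own code, and the payloads, the block size and the classification thresholds are constructed assumptions for the example.

```python
import hashlib
import math
import zlib


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte (0.0 .. 8.0)."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def theoretical_minsize(data: bytes) -> int:
    """Entropy-derived lower bound (in bytes) on how small the data could be
    represented by an ideal compressor: entropy * length / 8, rounded up."""
    return math.ceil(shannon_entropy(data) * len(data) / 8)


def compression_ratio(data: bytes) -> float:
    """zlib-compressed size divided by original size; near 1.0 (or above)
    means the data is already compressed or encrypted."""
    if not data:
        return 0.0
    return len(zlib.compress(data, 9)) / len(data)


def entropy_profile(data: bytes, block: int = 256) -> list[float]:
    """Entropy per fixed-size block; this is the series an analyst would plot
    to see where high-entropy content sits inside a flow."""
    return [shannon_entropy(data[i:i + block]) for i in range(0, len(data), block)]


def classify(entropy: float, ratio: float) -> str:
    """Heuristic label (thresholds are assumptions chosen for this example)."""
    if entropy > 7.5 and ratio > 0.95:
        return "compressed/encrypted"
    if entropy < 5.5:
        return "text"
    return "binary"


def analyze(data: bytes) -> dict:
    """Compute the triage metrics for one payload and attach a label."""
    ent = shannon_entropy(data)
    ratio = compression_ratio(data)
    return {
        "length": len(data),
        "entropy": round(ent, 3),
        "compression_ratio": round(ratio, 3),
        "theoretical_minsize": theoretical_minsize(data),
        "label": classify(ent, ratio),
    }


# Constructed sample payloads (not captured traffic):
# a repetitive HTTP-style text stream and a deterministic pseudo-random blob
# (chained SHA-256 digests) standing in for encrypted or compressed content.
TEXT_PAYLOAD = (b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n"
                b"User-Agent: test\r\n\r\n") * 40
RANDOM_PAYLOAD = b"".join(hashlib.sha256(b"seed" + i.to_bytes(2, "big")).digest()
                          for i in range(128))


if __name__ == "__main__":
    for name, payload in (("text", TEXT_PAYLOAD), ("random", RANDOM_PAYLOAD)):
        print(name, analyze(payload))
    # A flow that switches from plaintext to an opaque blob shows the jump
    # in its entropy profile.
    print([round(e, 2) for e in entropy_profile(TEXT_PAYLOAD + RANDOM_PAYLOAD)])
```

The compression ratio complements entropy: long-range repetition (the repeated HTTP request) keeps entropy moderate but compresses extremely well, while a blob whose entropy is near 8 bits per byte and which zlib cannot shrink is the signature of already compressed or encrypted content worth a closer look.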