Latest news

News archive

Tranalyzer2 Cobra version 0.9.4lmw1 is out!

Downloads

Source code tranalyzer-0.9.4lmw1.tar.gz
Docker tranalyzer-0.9.4lmw1-ubuntu.tar.gz

ChangeLog for 0.9.4lmw1

  • tranalyzer2:
    • Added MONITORING_LAST configuration flag to only keep last entry in monitoring file (-m option)
    • New macros:
    • Improved monitoring mode:
      • Fixed ns/us timestamps in core and monitoring mode
      • -M option now also valid for pcap time base option MONINTTMPCP
      • More precision for pcap time base option MONINTTMPCP
    • Faster, larger but less memory intensive subnet files, new format ver 6. NOTE: NOT backward compatible with earlier versions
    • Improved faster search algorithm for subnet files and tor info
    • Removed bug in -R/-D option, in ns mode (Thanks to the guys at University Twente)
    • Fix LAPD_OVER_UDP dissection
    • Code cleanup
    • Various fixes and improvements
  • basicFlow:
  • basicStats:
  • tcpFlags:
    • Fixed [JA4T/JA4TS](https://github.com/FoxIO-LLC/ja4) signatures, various fixes and improvements
  • connStat:
    • Fixed FP_LOG macros for subnet aggregation mode
  • bgpDecode:
    • Used HDR_CHR and SEP_CHR in output files
  • dnsDecode:
    • Updated new source for maldomain.txt, format change. NOTE: NOT backward compatible with earlier versions
  • sslDecode:
    • Added support for JA4X fingerprints and certificate reassembly (thanks Etienne for the patch!)
    • Updated sslblacklist.[ct]sv
  • voipDetector:
    • Now decodes every SIP flow
    • Added more detailed call info in flow and packet mode
    • Improved SIP / RTP flow correlation
    • Added more config options
  • regexHyperscan:
    • Added usage if filename argument or file does not exist
  • t2utils.h:
    • Introduced MIN4() and MAX4() macros
  • gt2whois:
    • GTK 4 graphical user interface to t2whois
  • New plugins:
    • entropyFSeg
    • entropySeg

Thursday, 17.07.2025

Tranalyzer2 Cobra version 0.9.3lmw3 is out!

ChangeLog for 0.9.3lmw3

  • bgpDecode:
    • Renamed Packet/flowIndex/Timestamp to pktNo/flowInd/time in output files
  • httpSniffer:
    • Added antivirus information
  • mndpDecode:
    • Removed MNDP_SAVE configuration flag (exact same output as packet mode)
  • ospfDecode:
    • Renamed NumPkts to pktNo in output files
  • sslDecode:
    • Added support for QUIC
    • Fixed JA4/JA4S computation for special cases (no signature algorithms, …)
    • Updated sslblacklist.[ct]sv
    • Updated JA4/JA4S fingerprints
    • Various fixes and improvements
  • tcpFlags:
    • Renamed tcpInitWinSz_tcpSSAOpts_tcpMSS_tcpWS to tcpJA4T (JA4T/JA4TS)
    • Improved and extended counting of flags and flags combinations
    • Various fixes and improvements
  • vrrpDecode:
    • Renamed flowIndex to flowInd in vrrp.txt file
  • t2conf:
    • Various fixes and improvements
  • t2py:
    • Various fixes and improvements
  • t2test:
    • Various fixes and improvements
  • t2utils.sh:
    • Added tests
    • Added $PYTHON variable
  • New plugins:
    • centrality
    • dfft
    • gquicDecode
    • gsmDecode
    • liveXtr
    • quicDecode
    • regexHyperscan
    • regex_re2
    • telegram
    • wechatDecode

Thursday, 21.11.2024

Tranalyzer2 Cobra version 0.9.3lmw2 is out!

ChangeLog for 0.9.3lmw2

Thursday, 10.10.2024
