Latest News

Tranalyzer2 Tarantula version 0.8.3lm2 is out!

  • Landattack L2 removed
  • update protStat, t2plot and tawk
  • fix of setup.sh

Tuesday, 02.04.2019

Andy in Finland

  • The Anteater is currently in Finland giving a workshop at the BoostAcademy in Turku and eating some bugs, courtesy of ENTIS. Find out more about the workshop here!

Friday, 29.03.2019

Tranalyzer2 Tarantula version 0.8.2lm2 is out!

  • Fix for OSX

Tuesday, 19.02.2019

Tranalyzer2 Tarantula version 0.8.2lm1 is out!

  • New plugin: findexer
  • basicFlow:
    • Updated IPv4/6 databases
    • Flag Tor addresses
  • dnsDecode: blacklisted domain names detection
  • ftpDecode: bug fixes
  • geoip: updated databases
  • nDPI: updated nDPI library to 2.6.0
  • pwX: improved detection of HTTP based credentials
  • sslDecode: updated JA3/JA3S database and SSL blacklist
  • tranalyzer2:
    • Improved final and monitoring reports
    • Improved network aggregation mode IPv4/6
  • autogen.sh:
    • Faster parallel compilation
    • New -P/–profile option
  • Simpler control of MAC addresses representation (utils/bin2txt.h):
    • MAC_FORMAT: 0: string, 1: hex
    • MAC_SEP: separator for MAC addresses as string (default: “:”)
  • Avoid unecessary dependency to zlib (*Sink)
  • tawk: removed deprecated function bitisset
    • Use bitsanyset and bitsallset instead
  • Bugfixes and code hardening

Wednesday, 06.02.2019

Tranalyzer2 Tarantula version 0.8.1lm4 is out!

  • facilitated configuration of .h files via t2conf
  • bugfixes in basicFlow (teredo)
  • improved fpsStat mining script
  • output function refactoring
  • doc fixed

  • tutorial corrections

Thursday, 08.11.2018

Tranalyzer2 Tarantula version 0.8.1lm3 is out!

  • more TM features in nFrstPkts scripts, tutorial improvements
  • tcpFlags minwinsz detection, doc
  • telnetDecode bug fixes
  • minor code refactoring

Friday, 02.11.2018

Tranalyzer2 Tarantula version 0.8.1lm2 is out!

  • Fix for older distributions where zlib version < 1.2.9 (big thanks to Ali Safari Khatouni from Dalhousie University for reporting the issue!)

Tuesday, 30.10.2018

Tranalyzer2 Tarantula version 0.8.1 is out!

  • New plugins: sslDecode (SSL/TLS, including JA3 hash), p0f (OS fingerprinting)
  • Improved t2fm: create PDF report from MongoDB or PostgreSQL database
  • nFrstPkt: new signal preprocessing features
  • New t2plot and traffic mining scripts
  • Improved dnsDecode and arpDecode
  • txtSink: added option to compress (gzip) the output
  • geo labeling information for packet mode (-s option)
  • checkout our tutorials

Friday, 26.10.2018

Tranalyzer2 Tarantula version 0.8.0 is out!

  • Concurrent L2, IPv4/6 triple mode.
  • Linux & MAC tested.
  • It is a different and more potential beast, so check it out.

Friday, 06.07.2018

Tranalyzer2 Boeing version 0.7.6 is out!

This is the last Boeing version before the ipv4/6 dual mode Tarantula version!

  • Linux & MAC tested.
  • Improved end and t2fm report.
  • Several bug fixes.
  • Some protocol plugins added.
  • Improved IPv4/6 geolabeling in basicFlow plugin, now also nonCIDR ranges are possible, if enabled: SUBRNG=1.
  • Improved packet/flow statistics for traffic mining.

Wednesday, 16.05.2018

Tranalyzer2 Boeing Version 0.7.5 is out!

  • Linux & MAC tested.
  • More support for L2 encapsulations
  • improved packet mode
  • core code refactored
  • fast and more precise IPv4/6 geolabeling in basicFlow (special thx to Lars from UniBW), so slow geoip might be obsolete some day.
  • And because somebody insisted on a telnet plugin, here it is. Have fun!

Tuesday, 30.01.2018

Tranalyzer2 Boeing Version 0.7.4 is out!

  • HashAutopilot: Protection against flow hash overflow, T2 finishes its job without complaining
  • Added support for GENEVE, VXLAN-GPE and NSH
  • Added support for WCCP, JUNIPER_PPPOE and JUMBO_LLC
  • Added support for DLT_PPP_SERIAL
  • New plugins for RADIUS, LLDP and CDP
  • Better fragmentation hashing

Monday, 20.11.2017

Tranalyzer 2 Boeing Version 0.7.1 is out!

  • several encapsulations added, such as:
    • ethip
    • capwap
    • anything in anything
    • … and more!
  • improved packet mode, now each plugin can contribute, protocol description column
  • improved protocol plugins including content downloads
  • improved SCTP support
  • better human readability of end report,
  • improved PDF summary report scripts
  • new powerful tawk post processing scripts

We are also continuously fuzzing and testing Tranalyzer to keep it resilient against all kinds of attacks.

Friday, 23.06.2017

New tutorial

PDF Report Generation from PCAP using t2fm

Sample report (IPs and passwords anonymized for privacy reasons): (PDF)

Tuesday, 09.05.2017