Commit graph

77 commits

Author SHA1 Message Date
Toni
656323c334 Added missing files to `make dist' target which are not required to build nDPI but still somehow essential. (#1024)
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2020-09-29 17:58:33 +02:00
Luca Deri
60a9f6610d Added risks for checking
- invalid DNS traffic (probably carrying exfiltrated data)
- TLS traffic with no SNI extension
2020-09-21 19:57:23 +02:00
aouinizied
4cc4efa228 Update example. 2020-09-14 16:42:33 +02:00
Luca Deri
638624869a Added new risk for NDPI_UNSAFE_PROTOCOL that identifies protocols that are not considered safe/secure 2020-08-30 20:48:58 +02:00
aouinizied
8c2c388d54 Add Connectivity check category and blacklisted host risk. 2020-08-10 21:19:17 +02:00
Nardi Ivan
79b89d2866 Add risk flag about suspicious ESNI usage
In a Client Hello, the presence of both SNI and ESNI may obfuscate the real
domain of an HTTPS connection, fooling DPI engines and firewalls, similarly
to Domain Fronting.

Such technique is reported in a presentation at DEF CON 28:
"Domain Fronting is Dead, Long Live Domain Fronting: Using TLS 1.3 to evade
censors, bypass network defenses, and blend in with the noise"
Full credit for the idea must go to the original author

At the moment, the only way to get the pdf presentation and related video is via
https://forum.defcon.org/node/234492
Hopefully a direct link (and an example pcap) will be available soon
2020-08-05 17:13:23 +02:00
aouinizied
57e28e03ee Sync TLS definitions. 2020-08-01 01:27:29 +02:00
aouinizied
c4b19fd6c5 Update CFFI definitions. 2020-07-29 12:31:21 +02:00
MrRadix
88dd3ebd62 added modified risks 2020-07-22 12:41:59 +02:00
MrRadix
53b2b08aeb added new risks to ndpi_risk_enum 2020-07-22 10:56:59 +02:00
aouinizied
e2e0303099 Add ssl_version_str to flow structure. 2020-07-13 12:48:35 +02:00
aouinizied
ce02359953 Add NDPI_MALFORMED_PACKET risk. 2020-07-09 00:56:44 +02:00
aouinizied
4247dd8322 Synchronize type definitions. 2020-06-12 22:58:58 +02:00
aouinizied
e5c2c400ef Update APIs and structures. 2020-05-22 23:48:54 +02:00
Zied Aouini
1bee9d85a4 Fix flow_printer example. 2020-04-15 08:05:03 +02:00
Zied Aouini
dcb6fde0c9 Update Python cffi bindings. 2020-02-21 17:28:44 +01:00
MrTiz9
daa1171593 nDPI now detects RCE in HTTP GET requests 2020-01-24 17:16:18 +01:00
Zied Aouini
cffb11fbc9 Update ndpi_flow_struct definition. 2019-12-23 11:22:23 +01:00
aouinizied
a95cfcc989 Implement cffi bindings. 2019-11-28 03:09:13 +01:00
aouinizied
82a186e096 Polish. 2019-11-15 19:30:50 +01:00
aouinizied
e467fe9aa6 Improve python bindings. 2019-11-15 19:18:30 +01:00
Luca Deri
f2a5bbef17 Reworked categories handling
Removed GenericProtocol and replaced with categories
Removed ndpi_pref_enable_category_substring_match option: substring matching is now default
2019-09-29 21:46:41 +02:00
bohmax
02609114d3 Add files via upload 2019-09-29 11:10:46 +02:00
Luca Deri
19dbcaa3a9 Fixes #777 2019-09-23 18:04:55 +02:00
bohmax
8246467022 Add files via upload 2019-09-23 17:40:34 +02:00
bohmax
90c28e9d63 Delete ndpi_typestruct.py 2019-09-23 17:40:16 +02:00
Luca Deri
f0013e826e Added python bindings for nDPI 2019-09-15 22:32:18 +02:00