Commit graph

2662 commits

Author SHA1 Message Date
Luca Deri
dfa9dd66c0 Added case-insensitive substring matching 2020-08-10 19:36:43 +02:00
Luca Deri
95dfbdc64a
Merge pull request #973 from IvanNardi/esni3
Add risk flag about suspicious ESNI usage
2020-08-06 10:18:27 +02:00
Luca Deri
c2156a5161 Added note on memory management 2020-08-06 09:19:04 +02:00
Luca Deri
5b6ffad278 Added new ndpi_string_sha1_hash API call 2020-08-05 21:45:38 +02:00
Luca Deri
d3fb1fb25a Fixed possible memory leak in TLS certificate handling 2020-08-05 17:57:00 +02:00
Nardi Ivan
79b89d2866 Add risk flag about suspicious ESNI usage
In a Client Hello, the presence of both SNI and ESNI may obfuscate the real
domain of an HTTPS connection, fooling DPI engines and firewalls, similarly
to Domain Fronting.

Such technique is reported in a presentation at DEF CON 28:
"Domain Fronting is Dead, Long Live Domain Fronting: Using TLS 1.3 to evade
censors, bypass network defenses, and blend in with the noise"
Full credit for the idea must go to the original author

At the moment, the only way to get the pdf presentation and related video is via
https://forum.defcon.org/node/234492
Hopefully a direct link (and an example pcap) will be available soon
2020-08-05 17:13:23 +02:00
Luca Deri
07d9fa7f96 Win #define fix 2020-08-05 11:13:27 +02:00
Luca Deri
00b2763399 Added check on payload length during extra packet processing 2020-08-04 21:59:45 +02:00
Luca Deri
e16675b700 Added new traffic category for connectivity check detection 2020-08-04 18:09:13 +02:00
Luca Deri
ea10b8e757 Added memory checks 2020-08-02 13:00:31 +02:00
aouinizied
57e28e03ee Sync TLS definitions. 2020-08-01 01:27:29 +02:00
Luca Deri
2ae4c6675d Fixed partial TLS dissection 2020-07-30 18:30:07 +02:00
Luca Deri
e71df49b3e Changed due to bin size extension 2020-07-30 00:06:46 +02:00
Luca Deri
6904935934 Restored TLS dissection 2020-07-30 00:06:35 +02:00
Luca Deri
a828ac0191 Tiny changes for TLS block length dissection 2020-07-29 22:36:27 +02:00
aouinizied
c4b19fd6c5 Update CFFI definitions. 2020-07-29 12:31:21 +02:00
Luca Deri
02dc8d5feb
Merge pull request #970 from IvanNardi/fix
Minor fixes
2020-07-28 19:38:12 +02:00
Luca Deri
32bd3d7a59 TLS dissection improvements 2020-07-28 01:06:38 +02:00
Luca Deri
da87cc3157 Added NDPI_SMB_INSECURE_VERSION for detecting insecure SMB versions (e.g. v1) 2020-07-27 13:05:06 +02:00
Luca Deri
69f140878c Boundary check on QUIC 2020-07-27 07:40:50 +02:00
Luca Deri
4b1cae2c2b Boundary check 2020-07-27 06:52:35 +02:00
Nardi Ivan
7d843f4d17 Minor fixes
Fix a memory leak and an issue (re)-introduced in configure script
2020-07-26 21:11:34 +02:00
Luca Deri
95263fc32e Added parentheses to avoid issues with macro expansion 2020-07-25 18:59:48 +02:00
Luca Deri
1c405e382a SSH code cleanup 2020-07-25 16:43:54 +02:00
Luca Deri
b26539d65a
Merge pull request #967 from MrRadix/dev
Ssh signature checking
2020-07-25 16:17:24 +02:00
MrRadix
6719fa30f9 added other ssh implementations to check 2020-07-24 20:53:02 +02:00
Luca Deri
21e2e57614 Fixed bin similarity 2020-07-24 01:30:58 +02:00
Luca Deri
439558f6a3 Improved bin clustering 2020-07-22 23:56:50 +02:00
Luca Deri
0956badd11
Merge pull request #968 from catenacyber/fuzzci
Reenables CI with sanitizers
2020-07-22 19:38:05 +02:00
MrRadix
a9ca47fcdb added cipher check 2020-07-22 17:17:12 +02:00
MrRadix
1c1be5a0d1 Resolved conflicts on fetch 2020-07-22 16:25:01 +02:00
Philippe Antoine
2723ac70ce msan cxx 2020-07-22 16:09:13 +02:00
Luca Deri
3cd1ec5c9a Added changes for handling SSH cipher detection 2020-07-22 15:58:46 +02:00
Philippe Antoine
a279423bff Reenables CI with sanitizers 2020-07-22 15:49:03 +02:00
MrRadix
a3ba9253ef fixed bug inside set bit macro call 2020-07-22 15:39:44 +02:00
MrRadix
c450caae94 modified new last two risks 2020-07-22 15:38:31 +02:00
Luca Deri
36af97a14c Minor HLL fixes 2020-07-22 14:40:15 +02:00
MrRadix
af5d792c08 added sscanf error handling 2020-07-22 13:06:08 +02:00
MrRadix
8e2cd9ff43 improved performance and legibility 2020-07-22 12:42:26 +02:00
MrRadix
88dd3ebd62 added modified risks 2020-07-22 12:41:59 +02:00
MrRadix
d9fc4d52e9 merged with remote 2020-07-22 11:56:51 +02:00
MrRadix
a688e36b51 improved ndpi_risk2str output for new risks 2020-07-22 11:44:56 +02:00
Luca Deri
f83d0b18c6 Introduced SSH risk checks 2020-07-22 11:40:57 +02:00
Luca Deri
66178e37cc
Merge pull request #966 from catenacyber/ossfuzzbuild
Enables fuzz targets even without sanitizer
2020-07-22 11:36:48 +02:00
Luca Deri
1740042cbb
Merge branch 'dev' into ossfuzzbuild 2020-07-22 11:36:31 +02:00
Luca Deri
f6242f0e46 HLL memory usage notes 2020-07-22 11:28:14 +02:00
MrRadix
0a182c6d18 Merge remote-tracking branch 'ntop_origin/dev' into dev 2020-07-22 11:15:02 +02:00
MrRadix
53b2b08aeb added new risks to ndpi_risk_enum 2020-07-22 10:56:59 +02:00
MrRadix
9c521c5ddd added new risks inside ndpi_risk2str function 2020-07-22 10:55:53 +02:00
MrRadix
847eb7b180 improved performance by removing linear scan 2020-07-22 10:54:55 +02:00