🔎Julia Evans🔍 on Twitter: “ngrep: grep your network!…”
Posted by jpluimers on 2021/02/16
[WayBack] 🔎Julia Evans🔍 on Twitter: “ngrep: grep your network!…”
So this taught me a new tool and other new things:
- ngrep – Wikipedia
ngrep is similar to tcpdump, but it has the ability to look for a regular expression in the payload of the packet, and show the matching packets on a screen or console. It allows users to see all unencrypted traffic being passed over the network, by putting the network interface into promiscuous mode.
ngrep, with an appropriate BPF filter syntax, can be used to debug plain-text protocol interactions like HTTP, SMTP, FTP, DNS, among others, or to search for a specific string or pattern, using a grep regular expression syntax.[4][5]
ngrep also can be used to capture traffic on the wire and store pcap dump files, or to read files generated by other sniffer applications, like tcpdump or Wireshark.
ngrep has various options or command line arguments. The ngrep man page in UNIX-like operating systems shows a list of available options.
- [WayBack] GitHub – jpr5/ngrep.
ngrep is like GNU grep applied to the network layer. It’s a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
- [WayBack] BPF syntax
- Berkeley Packet Filter – Wikipedia
–jeroen
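
The descriptions quoted above come down to two steps: select packets with a filter, then run a regular expression over each packet's payload. The following Python example is added here for illustration; it is not ngrep's code and not part of the original post. The function names (`build_pcap`, `frame`, `grep_pcap`), the sample packets and the `port` argument standing in for a BPF `port N` filter are all constructed, and it handles only IPv4 over Ethernet in a classic little-endian pcap.

```python
import re
import struct

def build_pcap(packets):
    """Build a classic little-endian pcap (linktype 1 = Ethernet) from raw frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for frame_bytes in packets:
        out += struct.pack("<IIII", 0, 0, len(frame_bytes), len(frame_bytes)) + frame_bytes
    return out

def frame(proto, sport, dport, payload):
    """Constructed Ethernet/IPv4 frame with a TCP (6) or UDP (17) payload; checksums left 0."""
    if proto == 6:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 1024, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 0, 0,
                     64, proto, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return b"\x00" * 12 + b"\x08\x00" + ip + l4 + payload

def grep_pcap(data, pattern, port=None):
    """Return (proto, sport, dport, payload) for packets whose payload matches pattern."""
    rx, hits, off = re.compile(pattern), [], 24       # skip 24-byte global header
    while off + 16 <= len(data):
        incl = struct.unpack_from("<I", data, off + 8)[0]
        pkt, off = data[off + 16: off + 16 + incl], off + 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue                                  # not IPv4 over Ethernet
        ihl = (pkt[14] & 0x0F) * 4
        proto, l4 = pkt[23], 14 + ihl
        if proto == 6 and len(pkt) >= l4 + 20:
            hdr = (pkt[l4 + 12] >> 4) * 4             # TCP data offset
        elif proto == 17 and len(pkt) >= l4 + 8:
            hdr = 8                                   # fixed UDP header
        else:
            continue
        sport, dport = struct.unpack_from("!HH", pkt, l4)
        if port is not None and port not in (sport, dport):
            continue                                  # stands in for BPF "port N"
        payload = pkt[l4 + hdr: 14 + struct.unpack_from("!H", pkt, 16)[0]]
        if rx.search(payload):
            hits.append((proto, sport, dport, payload))
    return hits

SAMPLE = build_pcap([  # constructed traffic, not a real capture
    frame(6, 40000, 80, b"GET /login HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    frame(6, 40001, 25, b"MAIL FROM:<a@example.test>\r\n"),
    frame(17, 40002, 53, b"\x12\x34\x01\x00example"),
])
```

For instance, `grep_pcap(SAMPLE, rb"^(GET|POST) ")` returns only the HTTP request, while `grep_pcap(SAMPLE, rb"example", port=53)` narrows a pattern that matches all three packets down to the UDP one.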