libndpi.git - Open Source Deep Packet Inspection Software Toolkit

	Commit message (Collapse)	Author	Age
...
* \|	Added extension to detect nested subdomains as used in Browsertunnel attack tool	Luca Deri	2020-09-09
\|/ \| \| \|	https://github.com/veggiedefender/browsertunnel
*	Added pcap file which contains dnscrypt-v1 data and resolver update ↵	Toni Uhlig	2020-09-07
\| \| \| \| \| \| \| \|	requests/responses (v1/v2). * Renamed dnscrypt.pcap to simple-dnscrypt.pcap Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Added dnscrypt-v2-doh resolver test pcaps.	Toni Uhlig	2020-09-07
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	QUIC: add support for GQUIC T050 and T051	Nardi Ivan	2020-08-30
\| \| \| \| \| \|	QUIC versioning wasn't complex enough without T05X family... These versions are very similar to Q050, but use TLS as their handshake protocol.
*	QUIC: minor fixes	Nardi Ivan	2020-08-24
\| \| \| \| \| \|	LGTM found a real issue on a boundary check Fix unit tests: a pcap ha been uploaded twice (with different names) Fix compilation when using DPDK (see #990)
*	Added som GQUIC and IETF QUIC test pcaps	Luca Deri	2020-08-22
\|
*	Major rework of QUIC dissector	Nardi Ivan	2020-08-21
\| \| \| \| \|	Improve support for GQUIC (up to Q046) and add support for Q050 and (IETF-)QUIC Still no sub-classification for Q050 and QUIC
*	Added the ability do identigy as DGA those host/domain names with too many ↵	Luca Deri	2020-08-21
\| \| \| \| \| \| \|	consucutive repeated characters such as ckaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa used fr netbios reflection attacks https://www.akamai.com/uk/en/multimedia/documents/state-of-the-internet/ddos-reflection-netbios-name-server-rpc-portmap-sentinel-udp-threat-advisory.pdf
*	Added (manipulated) MySQL 8 test pcap.	Toni Uhlig	2020-08-20
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Suspicious ESNI usage: add a comment and a pcap example	Nardi Ivan	2020-08-06
\| \| \| \|	See: 79b89d286605635f15edfe3c21297aaa3b5f3acf
*	Improved HTTP line parsing if request splitted into multiple packets.	Toni Uhlig	2020-07-05
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Fixed heap overflow in tls esni extraction triggered by manipulated packets.	Toni Uhlig	2020-06-29
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	TLS: extract JA3 signatures in some corner cases	Nardi Ivan	2020-06-28
\| \| \| \| \|	In some (rare) cases, Client Hello message contains lots of cipher suits.
*	Fixed off-by-one error in h323.	Toni Uhlig	2020-06-27
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Added malformed packet risk support	Luca Deri	2020-06-26
\|
*	Fixed missing length check in fbzero.	Toni Uhlig	2020-06-23
\| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Fixed use after free caused by dangling pointer	Toni Uhlig	2020-06-21
\| \| \| \| \| \|	* This fix also improved RCE Injection detection Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Merge pull request #920 from lnslbrty/fix/tls-rdn-crash	Luca Deri	2020-06-19
\|\ \| \| \| \|	Fixed stack overflow caused by missing length check
\| *	Fixed stack overflow caused by missing length check	Toni Uhlig	2020-06-18
\| \| \| \| \| \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
* \|	Added GoogleDNS DoH on Android 10	Luca Deri	2020-06-19
\| \|
* \|	Implemented proprietary AnyDesk protocol	Toni Uhlig	2020-06-17
\|/ \| \| \|	Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
*	Added check to avoid producing alerts for known protocol on unknown port ↵	Luca Deri	2020-05-30
\| \| \| \|	when using TLS
*	Refreshed test pcap	Luca Deri	2020-05-28
\|
*	Added support for Encrypted TLS SNI dissection	Luca Deri	2020-05-28
\| \| \| \|	https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
*	Result update	Luca Deri	2020-05-27
\|
*	Added pcap with encrypted SNI	Luca Deri	2020-05-27
\| \| \| \| \|	- https://blog.cloudflare.com/encrypted-sni/ - https://www.inmotionhosting.com/support/website/security/dns-over-https-encrypted-sni-in-firefox/
*	Improvements on GotoMeeting	Luca Deri	2020-05-15
\| \| \| \|	Added pcap for testing malware
*	Added self signed certificate test pcap	Luca Deri	2020-05-08
\|
*	Updated automa API to use 32 bit values splits from protocol/categpry	Luca Deri	2020-05-06
\|
*	Removed now obsolete MSN protocol	Luca Deri	2020-05-03
\| \| \| \|	Added nats.io protocol dissector
*	Merge pull request #883 from leonn/websocket	Luca Deri	2020-04-27
\|\ \| \| \| \|	:bulb: implement WebSocket protocol dissector
\| *	:bulb: implement websocket protocol dissector	Leonn Paiva	2020-04-26
\| \|
* \|	Add basic support for some ip-in-ip tunnels	Nardi Ivan	2020-04-23
\|/ \| \| \| \| \| \| \|	Add support for 4in4, 6in6 and 4in6 encapsulations Add support for ipv6 traffic in gtp tunnels, too To allow gtp unit test, gtp detunneling flag has been globally enabled in the test suite
*	Added detection of Microsoft Teams	Luca Deri	2020-04-16
\|
*	Added s7comm test pcap	Luca Deri	2020-03-27
\|
*	Merge branch 'dev' of https://github.com/ntop/nDPI into dev	Luca Deri	2020-03-23
\|\
\| *	Format update	Luca Deri	2020-03-23
\| \|
* \|	Format update	Luca Deri	2020-03-23
\|/
*	Added fuzz-2020-02-16-11 fuzzy pcap	Luca Deri	2020-03-23
\|
*	Added fuzz-2006-09-29-2858 fuzzy pcap	Luca Deri	2020-03-23
\|
*	Added fuzz-2006-06-26-2594.pcap fuzzy pcap	Luca Deri	2020-03-23
\|
*	Added wa_video.pcap	Luca Deri	2020-03-23
\|
*	Added wa_voice.pcap	Luca Deri	2020-03-23
\|
*	Added netflow-fritz.pcap	Luca Deri	2020-03-23
\|
*	Added smb_deletefile.pcap	Luca Deri	2020-03-23
\|
*	Added iphone.pcap	Luca Deri	2020-03-23
\|
*	Added android.pcap	Luca Deri	2020-03-23
\|
*	Added badpackets.pcap	Luca Deri	2020-03-23
\|
*	Added dns_exfiltration.pcap	Luca Deri	2020-03-23
\|
*	Added netbios.pcap	Luca Deri	2020-03-23
\|