THCsnooze is a framework for network traffic analysis. it can be used as a sniffer or a network based intrusion detection system. it will watch the network traffic and invoke small programs ("modules" or "protocol dissectors"), which are easily written in a script language, to gather information from the data.
the possible applications for THCsnooze range from simple and advanced sniffing to passive network auditing. it is possible to write modules that will track a connection until a successful login occured. or you can check if a client application establishes with a ssl enabled server (insecure) SSLv2 connections.
For a short introduction how to write modules please checkout our small HOWTO.
There are no binary packages. We have no plans to change this in the future. For install instructions check out the README from the package.
If you want to report a bug or submit a patch send an email to members thc org with "[snooze-bug]" as the subject. Before reporting bugs make sure you run the latest version of snooze and check the BUGS file from the source package.
A new module can be submitted by sending an email to members thc org with "[snooze-module]" as the subject. Before you send us a module please check out the modules repository.