-
Notifications
You must be signed in to change notification settings - Fork 0
/
todo.txt
46 lines (31 loc) · 1.13 KB
/
todo.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
TODO--
1.Add CLI capabilities -- DONE
-TCP/UDP
-Port #
2.Integrate sniffing capabailities into CLI -- DONE
3.After packet capture, create PCAP file -- DONE
4.Start on threat detection service
-extract domain from DNS -- done
-extract src and dst ip from IPv4 -- done
-storage? where do we store the data? -- done
-scheduling mechanism -- DONE
-how do we configure sniffer to stop/run on demand
-30 seconds? 1 minute? etc.
-create service that opens reads pcap files --DONE
-internal host to host communication --done
5.Add visualizations for captured traffic using cytoscape.js --done
6.Store application layer data to the db
-HTTP - DONE
-FTP - DONE
-TELNET - DONE
7.Parse HTTP headers --DONE
-Type of request (GET,POST, etc..)
-Host, Content Type, Referer
8.Work on adding application layer data to GUI -- DONE
9.Clean up frontend code
-specifically protocols --Done
10.Add highlighting on graph -- DONE
11.Add DNS fields
-integrate into frontend -- DONE
12.Add capability to upload pcap files
-use a pcap example from malware analysis and update the visualizer to showcase a real world attack using this tool.