Jerod Santo changelog.com/posts

The US Army open sourced a network traffic analysis framework!

A Python-based packet capture analysis tool called Dshell found its way onto GitHub recently. This fact might be of marginal interest if it weren't for the first line in the LICENSE.TXT:

This project constitutes a work of the United States Government and is not subject to domestic copyright protection under 17 USC 105.

You know what that means. This code was paid for by taxpayer dollars. It is the first repo to be made available under the US Army Research Laboratory organization. Hopefully it will not be the last.

Dshell lets you analyze network packet captures (pcap files, the kind written by tools like tcpdump and Wireshark) from the command line. It looks pretty nice, even reassembling TCP streams so you can analyze them at a higher level, e.g. as HTTP traffic rather than as individual packets.
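
To make that reassembly step concrete, here is an added example (not Dshell's own code and not from the original post): a standard-library Python script that reads a classic pcap, reassembles each TCP direction by sequence number, and pulls HTTP request lines out of the result. The capture it reads is constructed in memory, with the hosts 10.0.0.1 and 10.0.0.2, the ports and the payloads made up for the demo; the request is split across two out-of-order segments plus a retransmission, and a UDP frame is mixed in, so it runs offline and exercises the cases a real trace throws at you.

```python
"""TCP stream reassembly over a pcap, then HTTP request extraction.

Added illustration (not Dshell's code) of what "reassemble TCP streams so you
can analyze them as HTTP" means. Standard library only; the capture is
constructed in memory so the script runs offline.
"""
import re
import struct
from collections import defaultdict

ETHERTYPE_IPV4 = b"\x08\x00"
PROTO_TCP, PROTO_UDP = 6, 17


# ---- constructed sample capture (made-up hosts/ports, not a real trace) ----

def build_frame(src, dst, proto, sport, dport, seq, payload):
    """Ethernet/IPv4/(TCP|UDP) frame with zeroed checksums, padded to 60 bytes
    like a NIC would, so the parser has to honour the IP total length."""
    ip_len = 20 + (20 if proto == PROTO_TCP else 8) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, ip_len, 1, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    if proto == PROTO_TCP:   # data offset 5 words, flags PSH|ACK
        l4 = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 8192, 0, 0)
    else:                    # UDP: sport, dport, length, checksum
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    frame = b"\x02" * 6 + b"\x04" * 6 + ETHERTYPE_IPV4 + ip + l4 + payload
    return frame.ljust(60, b"\x00")


def build_pcap(frames):
    """Little-endian classic pcap, LINKTYPE_ETHERNET (1)."""
    out = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)]
    for i, f in enumerate(frames):
        out.append(struct.pack("<IIII", 1_420_000_000 + i, 0, len(f), len(f)) + f)
    return b"".join(out)


REQUEST = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
C, S = "10.0.0.1", "10.0.0.2"   # constructed client / server addresses
SAMPLE_PCAP = build_pcap([
    build_frame(C, S, PROTO_TCP, 40000, 80, 1004, REQUEST[4:]),   # 2nd segment arrives first
    build_frame(C, S, PROTO_TCP, 40000, 80, 1000, REQUEST[:4]),   # 1st segment, late, padded
    build_frame(C, S, PROTO_TCP, 40000, 80, 1000, REQUEST[:4]),   # retransmission (duplicate)
    build_frame(S, C, PROTO_TCP, 80, 40000, 5000, b"HTTP/1.1 200 OK\r\n\r\n"),
    build_frame(C, S, PROTO_UDP, 5353, 5353, 0, b"not tcp"),       # UDP noise, must be skipped
])


# ---- pcap -> frames -> TCP segments -> streams ----------------------------

def iter_frames(pcap):
    magic, = struct.unpack("<I", pcap[:4])
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)
    if end is None:
        raise ValueError("not a classic pcap (pcapng / nanosecond variants not handled)")
    linktype, = struct.unpack(end + "I", pcap[20:24])
    if linktype != 1:
        raise ValueError("only the Ethernet link type is handled")
    off = 24
    while off + 16 <= len(pcap):
        _sec, _usec, incl, _orig = struct.unpack(end + "IIII", pcap[off:off + 16])
        off += 16
        yield pcap[off:off + incl]
        off += incl


def parse_tcp(frame):
    """Return (flow_key, seq, payload) for an IPv4/TCP frame, None otherwise."""
    if len(frame) < 34 or frame[12:14] != ETHERTYPE_IPV4:
        return None
    ihl = (frame[14] & 0x0F) * 4
    total_len = struct.unpack("!H", frame[16:18])[0]
    ip = frame[14:14 + ihl]
    if ihl < 20 or len(frame) < 14 + total_len or ip[9] != PROTO_TCP:
        return None
    tcp = frame[14 + ihl:14 + total_len]   # slice by IP length: no Ethernet padding in the stream
    if len(tcp) < 20:
        return None
    sport, dport, seq = struct.unpack("!HHI", tcp[:8])
    doff = (tcp[12] >> 4) * 4
    src = ".".join(map(str, ip[12:16]))
    dst = ".".join(map(str, ip[16:20]))
    return (src, sport, dst, dport), seq, tcp[doff:]


def reassemble(pcap):
    """One byte string per unidirectional flow, ordered by sequence number.
    Duplicates/overlaps: first copy wins. Gaps: stop at the hole, never guess.
    Caveat: 32-bit sequence wrap is ignored, which is fine for a short demo."""
    segs = defaultdict(dict)
    for frame in iter_frames(pcap):
        parsed = parse_tcp(frame)
        if parsed and parsed[2]:
            key, seq, payload = parsed
            segs[key].setdefault(seq, payload)
    streams = {}
    for key, by_seq in segs.items():
        buf, expected = b"", None
        for seq in sorted(by_seq):
            if expected is None:
                expected = seq
            if seq > expected:
                break                                  # hole in the capture
            data = by_seq[seq][expected - seq:]        # trim bytes already kept
            buf += data
            expected += len(data)
        streams[key] = buf
    return streams


REQ_LINE = re.compile(rb"^([A-Z]+) (\S+) (HTTP/1\.[01])$")


def http_request_lines(stream):
    """Request lines in a client->server stream (demo: bodies are not parsed,
    so a request line embedded in a body would be picked up too)."""
    return [tuple(g.decode("ascii") for g in m.groups())
            for m in (REQ_LINE.match(line) for line in stream.split(b"\r\n")) if m]


if __name__ == "__main__":
    for key, data in reassemble(SAMPLE_PCAP).items():
        print(key, http_request_lines(data) or repr(data[:24]))
```

Two details are worth noticing. Slicing the TCP segment by the IP total length matters because short frames are padded on the wire, and the pad bytes would otherwise land inside the reassembled stream. And how overlapping or retransmitted data is resolved (first copy wins here) is a policy choice, not a given: a monitor that resolves it differently from the receiving host reconstructs a different stream, which is the classic way to slip traffic past a passive analyzer.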

The tool is extensible via a plugin system: Dshell calls its plugins decoders, and they are written in Python like the rest of the framework. And you know how we developers love extensibility. There have already been 19 PRs filed on the repo, 7 of which have been merged. Open source FTW.

