Tranalyzer2 is a lightweight flow generator and packet analyzer designed for practitioners and researchers. Particular emphasis is placed on simplicity, performance and scalability. It extends Cisco NetFlow's functionality and supports analysts in processing ultra-large packet dumps. It supports the drill-down process to the very flow of interest, which can then be analysed in depth by tcpdump, Wireshark or by its text-based packet mode. The program is implemented in C and built upon the libpcap library. Tranalyzer provides functionality to analyze and generate key parameters and statistics from IP traces, either captured live from Ethernet interfaces or read from pcap files. The quantity of binary and text-based output of Tranalyzer depends on the enabled plugins. Hence, users can tailor the output according to their needs. Moreover, additional plugins can be developed independently of the functionality of other plugins.

Tranalyzer2 Tarantula version 0.8.2lm2 is out! 1 month ago

* Fix for OSX


1 year ago

This tool saved me a big time in troubleshooting a routing problem at a customer


Tranalyzer2 Tarantula version 0.8.2lm1 is out! 1 month ago

* New plugin: findexer
* basicFlow:
  * Updated IPv4/6 databases
  * Flag Tor addresses
* dnsDecode: blacklisted domain names detection
* geoip: updated databases
* nDPI: updated nDPI library to 2.6.0
* pwX: improved detection of HTTP based credentials
* sslDecode: updated JA3/JA3S database and SSL blacklist
* ftpDecode: bugfixes
* tranalyzer2:
  * Improved final and monitoring reports
  * Improved network aggregation mode IPv4/6
  * Faster parallel compilation
  * New -P/--profile option
* Simpler control of MAC addresses representation (utils/bin2txt.h):
  * MAC_FORMAT: 0: string, 1: hex
  * MAC_SEP: separator for MAC addresses as string (default: ":")
* Avoid unnecessary dependency to zlib (*Sink)
* tawk: removed deprecated function bitisset
  * Use bitsanyset and bitsallset instead
* Bugfixes and code hardening

Tranalyzer2 Tarantula version 0.8.1lm3 is out! 4 months ago

* More Traffic Mining features in nFrstPkts
* Improved scripts and tutorials (see
* tcpFlags: minwinsz detection, doc
* telnetDecode: bug fixes
* Minor code refactoring

Tranalyzer2 Tarantula version 0.8.1lm2 is out! 4 months ago

* Fix for older distributions where zlib version < 1.2.9

Tranalyzer2 Tarantula version 0.8.1 is out! 4 months ago

* New plugins: sslDecode (SSL/TLS, including JA3 hash), p0f (OS fingerprinting)
* Improved t2fm: create PDF report from MongoDB or PostgreSQL database
* nFrstPkt: new signal preprocessing features
* New t2plot and traffic mining scripts
* Improved dnsDecode and arpDecode
* txtSink: added option to compress (gzip) the output
* Geo labeling information for packet mode (-s option)
* Check out our tutorials

