Skip to content

Latest commit

 

History

History
27 lines (21 loc) · 834 Bytes

README.mkd

File metadata and controls

27 lines (21 loc) · 834 Bytes

Tescat

This tool analyzes UDP packets being broadcast on a specified port to the local network or from a PCAP file. It will identify packets that are unique since the start of the process.

Tescat is especially useful when you're analyzing a network with a large amount of baseline traffic that does not vary frequently and you want to identify anomalies some time after the initial baseline.

This was developed while auditing the internal LAN on the Tesla Model S.

Installation

  go get github.com/kevinmahaffey/tescat
  go build src/github.com/kevinmahaffey/tescat/cmd/tescat.go

Running

Listen for UDP traffic destined to a given port

  ./tescat -p 20100

Process UDP data from a pcap file looking for packets destined to a given port

  ./tescat -f mypcap.pcap -p 20100