What is NetBee?

NetBee is a new library intended for several types of packet processing, such as packet sniffing and filtering, packet decoding, and traffic classification (not ready yet).

NetBee provides a set of modules that can be used by applications that need to process network packets. Instead of creating some custom code in your application for packet processing, you can use the functions exported by NetBee.

This library is made up of several components. It includes several objects for packet decoding, packet sniffing and filtering, traffic classification (not ready yet), and some miscellaneous utilities. Additionally, it includes some components (such as the NetPDL protocol definition language, the NetVM packet processing virtual machine) that are used to do its job, but their knowledge is not required from programmers using NetBee. For a list of features that are present in NetBee, please look at the introduction page.

Why NetBee?

NetBee is a powerful library for generic packet processing. NetBee is created by the same research group that created WinPcap, the de-facto standard for sniffing packets in Windows. However, WinPcap architecture (which is derived from its UNIX ancestor, libpcap) is rather old and it does not fit for nowadays needs. WinPcap is a perfect choice in case you need a powerful library for sniffing packets with cross platform compatibility (WinPcap and the UNIX-based libpcap are almost fully compatible). However, the architecture behind WinPcap (and libpcap) has not been engineered for supporting extensions and new modules for other kinds of processing in addition to packet sniffing.

This is the reason of NetBee: we feel that the effort needed to expand and update WinPcap cannot pay in the long term. We believe that the best choice is to create a new library from scratch, with a completely new architecture (object-based, for instance), open to extensions and ready to fit to new needs. NetBee, in fact. This guarantees an high degree of freedom but, of course, it will often lead to un-tested code due to the relative poor maturity of the library.

If you start using NetBee and you used WinPcap in the past, you will see that the interface (which is object oriented) is much cleaner than its ancestor. You can find it is pretty easy to read packets from the network as well as from a file or from some other source. This is due to the object-oriented architecture of NetBee. You will be surprised how easy is to use NetBee in your programs.

Please note that NetBee is highly experimental at the current stage; no guarantees are given that the API will not change in the future. Therefore, the current release must be intended as a proof of concept in order to share some ideas with the research community.

http://www.nbee.org/doku.php

网络包处理工具NetBee的更多相关文章

  1. iperf/netperf网络性能测试工具、Wireshark网络包分析工具

    iperf   http://www.linuxidc.com/Linux/2014-05/101160.htm netperf  http://www.linuxidc.com/Linux/2013 ...

  2. [转]网络性能评估工具Iperf详解(可测丢包率)

    原文链接:安全运维之:网络性能评估工具Iperf详解:http://os.51cto.com/art/201410/454889.htm 参考博文:http://linoxide.com/monito ...

  3. Python黑帽编程1.3 Python运行时与包管理工具

    Python黑帽编程1.3  Python运行时与包管理工具 0.1  本系列教程说明 本系列教程,采用的大纲母本为<Understanding Network Hacks Attack and ...

  4. ios 抓取真机的网络包

    一直被如何从真机上抓包所困扰!今天偶然看到了最简单有效的方法!分享一下: 原地址链接 http://blog.csdn.net/phunxm/article/details/38590561 通过 R ...

  5. 可视化数据包分析工具-CapAnalysis

    可视化数据包分析工具-CapAnalysis 我们知道,Xplico是一个从pcap文件中解析出IP流量数据的工具,本文介绍又一款实用工具-CapAnalysis(可视化数据包分析工具),将比Xpli ...

  6. Bower —— 一个Web的包管理工具

    作者:江剑锋   github地址:https://github.com/bower/bower Bower为何物 Bower是一个Web开发的包管理软件.前端开发中,或多或少,都会以来于现成的fra ...

  7. Linux命令行抓包及包解析工具tshark(wireshark)使用实例解析

    在Linux下,当我们需要抓取网络数据包分析时,通常是使用tcpdump抓取网络raw数据包存到一个文件,然后下载到本地使用wireshark界面网络分析工具进行网络包分析. 最近才发现,原来wire ...

  8. Python包管理工具——pip

    目录 Python pip pip相关命令 解决pip相关问题 Python pip Python最让人的喜欢的就是它有丰富的类库和各种第三方的包,而对于这些包的下载.删除等管理操作,就要用到包管理工 ...

  9. 转载: 一、linux cpu、内存、IO、网络的测试工具

    来源地址: http://blog.csdn.net/wenwenxiong/article/details/77197997 记录一下 以后好找.. 一.linux cpu.内存.IO.网络的测试工 ...

随机推荐

  1. 观察器observes与对象初始化

    Demo.Person2 = Ember.Object.extend({ init: function() { alert('lljsd'); this.set('salutation', " ...

  2. JavaScript Number 对象 Javascript Array对象 Location 对象方法 String对象方法

    JavaScript Number 对象 Number 对象属性 属性 描述 constructor 返回对创建此对象的 Number 函数的引用. MAX_VALUE 可表示的最大的数. MIN_V ...

  3. 【转】【UML】使用Visual Studio 2010 Team System中的架构师工具(设计与建模)

    Lab 1: 应用程序建模 实验目标 这个实验的目的是展示如何在Visual Studio 2010旗舰版中进行应用程序建模.团队中的架构师会通过建模确定应用程序是否满足客户的需求. 你可以创建不同级 ...

  4. 未能解析此远程名称:'nuget.org' 的解决方法

    今天用Nuget下一个程序包时,发现Nuget挂了: 未能解析此远程名称:'nuget.org' . 浏览器打开  http://nuget.org  失败. 使用cmd命令 输入nslookup n ...

  5. ZooKeeper学习第四期---构建ZooKeeper应用

    一.配置服务 配置服务是分布式应用所需要的基本服务之一,它使集群中的机器可以共享配置信息中那些公共的部分.简单地说,ZooKeeper可以作为一个具有高可用性的配置存储器,允许分布式应用的参与者检索和 ...

  6. python 3 安装 scrapy 并运行成功

    今天,python 3 安装 scrapy, 并运行成功.特此纪念! 我的环境:windows 10(64位) + python 3.5.2(64位) 其中几个要点说明一下: 1.有几个依赖库需要事先 ...

  7. JavaScript开发规范要求

    http://www.cnblogs.com/webflash/archive/2010/06/11/1756255.html 作为一名开发人员(WEB前端JavaScript开发),不规范的开发不仅 ...

  8. 抓包工具charles的使用

    Charles是一款抓包修改工具,数据请求控制容易,操作简单. 下载和安装 首先是工具下载和安装 安装前需要先有Java的运行环境.下载到charles的破解版以后,正常安装.一般破解版里会有char ...

  9. Listview实现不同类型的布局

    打开各种客户端发现 Listview的布局多种多样,在我以前的认知中listview不是只能放一种item布局嘛,我就震惊了,现在我自己的项目上要用到这种方式那么就去做下 原理是listview 的a ...

  10. Visual Studio 2015官方汇总包括下载和视频

     7月20日 23:30 Visual Studio 2015正式版正式发布,作为微软新一代开发利器,在全地球乃至全宇宙乃至全太阳系中最强大 且没有之一的IDE(上述描述来自微博用户评论)跨平台支持成 ...