pom-ng is a real-time network forensic tool.

pom-ng is a network forensics tool that parses network traffic from files, network interfaces and other sources, and allows you to extract any information you wish about what is happening. It parses network traffic into events and payloads, which can then be logged, saved, or handled in any other way you might imagine.

pom-ng v0.0.18

Dependencies:
* Build dependencies
+ gcc/binutils/make and all the base packages for compiling a C application
+ autotools
+ libtool
+ pkg-config

* Mandatory dependencies
+ libxml2
+ libmicrohttpd (>= 0.9.25)
+ xmlrpc-c (package libxmlrpc-core-c3-dev)
+ lua (= 5.1) (package liblua5.1-dev)
+ uthash

* Optional dependencies
+ libmagic: Comes with the file utility on Linux. This allows identification of unknown payloads.
+ libpcap: Used to capture packets from live interfaces as well as to read and save pcap files. A must-have!
+ zlib: Used to decompress payloads and packets.
+ libjpeg: Used to analyze JPEG images.
+ SQLite (>= 3.x): Database backend to store configurations and other data. (On Debian wheezy, the dev files are in libsqlite3-dev.)
+ libexif: Used to parse Exif data from JPEG images.
+ PostgreSQL: Another database backend.

Usage:

Source: https://github.com/gmsoft-tuxicoman