nDPI is used by both ntop and nProbe for adding application-layer detection of protocols, regardless of the port being used. This means that it is possible to both detect known protocols on non-standard ports (e.g. detect http on ports other than 80), and also the opposite (e.g. detect Skype traffic on port 80). This is because nowadays the concept of port=application no longer holds.

Many protocols are supported including:

  • FTP
  • POP
  • SMTP
  • IMAP
  • DNS
  • IPP
  • HTTP
  • MDNS
  • NTP
  • NETBIOS
  • NFS
  • SSDP
  • BGP
  • SNMP
  • XDMCP
  • SMB
  • SYSLOG
  • DHCP
  • PostgreSQL
  • MySQL
  • TDS
  • DirectDownloadLink
  • I23V5
  • AppleJuice
  • DirectConnect
  • Socrates
  • WinMX
  • VMware
  • PANDO
  • Filetopia
  • iMESH
  • Kontiki
  • OpenFT
  • Kazaa/Fasttrack
  • Gnutella
  • eDonkey
  • Bittorrent
  • OFF
  • AVI
  • Flash
  • OGG
  • MPEG
  • QuickTime
  • RealMedia
  • Windowsmedia
  • MMS
  • XBOX
  • QQ
  • MOVE
  • RTSP
  • Feidian
  • Icecast
  • PPLive
  • PPStream
  • Zattoo
  • SHOUTCast
  • SopCast
  • TVAnts
  • TVUplayer
  • VeohTV
  • QQLive
  • Thunder/Webthunder
  • Soulseek
  • GaduGadu
  • IRC
  • Popo
  • Jabber
  • MSN
  • Oscar
  • Yahoo
  • Battlefield
  • Quake
  • VRRP
  • Steam
  • Halflife2
  • World of Warcraft
  • Telnet
  • STUN
  • IPSEC
  • GRE
  • ICMP
  • IGMP
  • EGP
  • SCTP
  • OSPF
  • IP in IP
  • RTP
  • RDP
  • VNC
  • PCAnywhere
  • SSL
  • SSH
  • USENET
  • MGCP
  • IAX
  • TFTP
  • AFP
  • StealthNet
  • Aimini
  • SIP
  • Truphone
  • ICMPv6
  • DHCPv6
  • Armagetron
  • CrossFire
  • Dofus
  • Fiesta
  • Florensia
  • Guildwars
  • HTTP Application Activesync
  • Kerberos
  • LDAP
  • MapleStory
  • msSQL
  • PPTP
  • WARCRAFT3
  • World of Kung Fu
  • MEEBO
  • FaceBook
  • Twitter
  • DropBox
  • Gmail
  • Google Maps
  • YouTube
  • Skype
  • Google
  • DCE RPC
  • NetFlow_IPFIX
  • sFlow
  • HTTP Connect (SSL over HTTP)
  • HTTP Proxy
  • Netflix
  • Citrix
  • CitrixOnline/GotoMeeting
  • Apple (iMessage, FaceTime…)
  • Webex
  • WhatsApp
  • Apple iCloud
  • Viber
  • Apple iTunes
  • Radius
  • WindowsUpdate
  • TeamViewer
  • Tuenti
  • LotusNotes
  • SAP
  • GTP
  • UPnP
  • LLMNR
  • RemoteScan
  • Spotify
  • H323
  • OpenVPN
  • NOE
  • CiscoVPN
  • TeamSpeak
  •  Tor
  •  CiscoSkinny
  •  RTCP
  •  RSYNC
  •  Oracle
  •  Corba
  •  UbuntuONE
  •  CNN
  •  Wikipedia
  • Whois-DAS
  •  Collectd
  •  Redis
  •  ZeroMQ
  •  Megaco
  • QUIC
  • WhatsApp Voice
  • Stracraft
  • Teredo
  • Snapchat
  • Simet
  • OpenSignal
  • 99Taxi
  • GloboTV
  • Deezer
  • Instagram
  • Microsoft cloud services
  • Twitch
  • KakaoTalk Voice and Chat
  • HotspotShield VPN
Recommended to read:  How to Recover from a Hacked Website?

Download Link

https://github.com/ntop/nDPI

This article was published on Hack Hex website, under Tools section, written by Dawood Khan on 11th February 2019. Share & leave us some comments on what you think about this topic or if you like to add something.

Tags: #brute force tools #Computer Security #Deep #ethical hacking #Inspection #linux security testing #malware analysis tools #nDPI #Open #Packet #password brute force #Penetration Testing #penetration testing distribution #penetration testing linux #pentest android #pentest linux #pentest toolkit #pentest tools #security tool kit #software #Source #spy tool kit #spyware #Toolkit #web application testing tools #web malware detection