videosnarf - Output detected media sessions

Property Value
Distribution Fedora 29
Repository CERT Forensics Tools i386
Package filename videosnarf-0.63-1.fc29.i686.rpm
Package name videosnarf
Package version 0.63
Package release 1.fc29
Package architecture i686
Package type rpm
Category Applications/Forensics Tools
License GPL
Maintainer -
Download size 156.94 KB
Installed size 397.59 KB
VideoSnarf is a new security assessment tool that takes an offline
pcap as input, and outputs any detected media streams (RTP sessions),
including common audio codecs as well as H264 Video support. Why did we
write VideoSnarf? To give security assessment professionals options to
decode media traffic other than forcing them to use UCSniff. We know that
some people, for whatever reason, might not be using UCSniff to capture
and decode VoIP/Video traffic. For example, some people might want to
use Ettercap and their favorite Sniffer (tshark/Wireshark) to capture
the traffic, or they might have a monitor SPAN Session and are running
a dedicated sniffer and want to re-construct the traffic just using a
pcap trace file. VideoSnarf was inspired by the rtpbreak tool. To our
knowledge, it is the first tool to detect RTP sessions that are encoded
with the H.264 Video Codec, and output raw H264 files. VideoSnarf
also supports the following common audio codecs: G711ulaw, G711alaw,
G722, G729, G723, and G726. These are the most common audio codecs
found in enterprise networks where you are going to be doing security


Package Version Architecture Repository
videosnarf-0.63-1.fc29.x86_64.rpm 0.63 x86_64 CERT Forensics Tools
videosnarf - - -


Name Value - - - -
libnet -
libpcap - - - - -
rtld(GNU_HASH) -


Name Value
videosnarf = 0.63-1.fc29
videosnarf(x86-32) = 0.63-1.fc29


Type URL
Binary Package videosnarf-0.63-1.fc29.i686.rpm
Source Package videosnarf-0.63-1.fc29.src.rpm

Install Howto

  1. Download cert-forensics-tools-release-29 rpm:
  2. Install cert-forensics-tools-release-29 rpm:
    # rpm -Uvh cert-forensics-tools-release*rpm
  3. Install videosnarf rpm package:
    # dnf --enablerepo=forensics install videosnarf



See Also

Package Description
vinetto-0.07beta-1.fc29.i686.rpm Extract thumbnails and associated metadata from the Thumbs.db files
vmfs-tools-0.2.5-3.fc29.i686.rpm Tools to access VMFS filesystems
vmfs6-tools- Tools to access VMFS filesystems
vo-amrwbenc-0.1.3-8.fc29.i686.rpm VisualOn AMR-WB encoder library
winevt-kb-20190507-1.fc29.i686.rpm winevt-kb - Windows Event Log Knowledge Base
winreg-kb-20190507-1.fc29.i686.rpm winreg-kb - A project to build a Windows Registry Knowledge Base
x264-devel-0.155-1.20180806git0a84d98.fc29.i686.rpm Development files for the x264 library
x264-libs-0.155-1.20180806git0a84d98.fc29.i686.rpm Library for encoding H264/AVC video streams
x265-devel-2.8-1.fc29.i686.rpm H.265/HEVC encoder library development files
x265-libs-2.8-1.fc29.i686.rpm H.265/HEVC encoder library
xplico-1.2.2-2.fc29.i686.rpm Internet traffic decoder and network forensic analysis tool
xva-img-1.3-1.fc29.i686.rpm xva-img - Assemble Citrix XEN disk image
xvidcore-1.3.5-3.fc29.i686.rpm MPEG-4 Simple and Advanced Simple Profile codec
xvidcore-devel-1.3.5-3.fc29.i686.rpm Development files for the Xvid video codec
yaf-2.11.0-3.fc29.i686.rpm Yet Another Flow sensor