Supported Protocols¶
Peafowl can identify some of the most common protocols. To add more protocols refer to the corresponding section in this document. The supported protocols are:
Protocol |
Quality |
Protocol |
Quality |
Protocol |
Quality |
Protocol |
Quality |
|---|---|---|---|---|---|---|---|
HTTP |
5/5 |
SSL |
5/5 |
POP |
3/5 |
IMAP |
5/5 |
SMTP |
3/5 |
BGP |
5/5 |
DHCP |
5/5 |
DHCPv6 |
5/5 |
DNS |
5/5 |
MDNS |
5/5 |
NTP |
5/5 |
SIP |
5/5 |
RTP |
4/5 |
RTCP |
4/5 |
Skype |
3/5 |
Hangout |
3/5 |
4/5 |
Telegram |
?/5 |
Dropbox |
3/5 |
Spotify |
5/5 |
|
SSH |
5/5 |
Bitcoin |
4/5 |
Ethereum |
4/5 |
Zcash |
4/5 |
Monero |
4/5 |
Stratum |
5/5 |
JSON-RPC |
5/5 |
SSDP |
5/5 |
STUN |
5/5 |
QUIC |
5/5 |
MQTT |
5/5 |
Viber |
3/5 |
Kerberos |
3/5 |
MySQL |
5/5 |
Git |
5/5 |
At the moment, data and metadata extraction is supported for the following protocols (for a full list of fields please refer to the [Peafowl](include/peafowl/peafowl.h) header:
Protocol |
Extracted data |
|---|---|
HTTP |
Any kind of HTTP header, HTTP body, HTTP version, etc… |
SSL |
Version, Cipher Suite, Server Name, Extensions, Elliptic Curves, JA3, JA3S |
SIP |
Request URI, Contact URI, Call ID, Method, etc… |
DNS |
Server name, authority name |
QUIC |
Version, SNI |