CS330: Resources

This page contains links and tools to help you throughout the course.

Development Environment

• Visual Studio Code – A lightweight code editor with debugging tools.
• GCC – GNU Compiler Collection for C/C++ and more.
• GDB – Debugger for programs written in C, C++, etc.
• Microsoft Visual Studio – Full-featured IDE for many languages.
• Apache NetBeans – IDE supporting C/C++, Java, PHP, etc.

Packet Capture & Network Analysis

Passive Capture

• Wireshark – Industry-standard for passive packet capture.
• TCPDump & libpcap – Command-line network analyzer.
• NetworkMiner – Forensic analysis tool.
• tcpflow – Captures and reconstructs TCP flows.
• tcptrace – Graphical tool for analyzing TCP dump files.
• Note: Microsoft Message Analyzer (retired 2019)

Netwox Suite (no longer actively maintained)

• netwox – Toolbox for network testing.
  • netwib – Library used by netwox.
  • netwag – GUI front-end for netwox.

Active Capture / Interception

• Suricata – IDS/IPS engine with full packet logging capabilities.
• Arkime (formerly Moloch) – Scalable full-packet-capture and search platform.
• Mallory – MITM gateway proxy.
• Ettercap – Advanced MITM tool for LANs.

Connectivity & Port Scanning

• Nmap – Network mapping and port scanning.
• Masscan – Fast port scanner.
• netcat – Send and receive data over arbitrary TCP/UDP ports.
• Hping – Network tool for security auditing.
• curl / wget – CLI tools for data transfer.
• HTTPie – User-friendly HTTP client.
• netdiscover – Discover live hosts on a network.

Web Testing / Proxies

• Burp Suite – Web app security testing tool.
• OWASP ZAP – Open-source web app scanner.
• mitmproxy – SSL-capable HTTP proxy.
• Charles Proxy – GUI HTTP proxy.
• w3af – Web app attack and audit framework.
• HTTrack – Website copier tool.

Network Spoofing

• Ettercap – MITM tool for network traffic manipulation.
• arpspoof – Simple ARP spoofer.
• DNSMasq – Lightweight DNS/DHCP server.

System Utilities

• Sysinternals Suite – Windows system utilities.
• NirSoft – Small Windows utilities, including password tools.

API Development

• Postman – API testing and development.
• Fiddler – HTTP debugging proxy.
• RESTful Tutorial – Concepts of REST APIs.

Supplemental Material

Interactive Learning

• Interactive Exercises – Companion to the Kurose & Ross textbook with quizzes and animations.
• Beej’s Guide to Network Programming – A hands-on guide to socket programming in C.
• High Performance Browser Networking – What every web developer should know about networking and web performance.
• Eloquent JavaScript – A book about JavaScript, programming, and digital concepts.
• Principles of Chaos Engineering – Understand how resilience is tested in distributed systems.
• Programmable Web – (Retired) Formerly a hub for APIs and mashups.

Code Repositories

• BIND 9 GitLab Repository – Source code and issue tracker for the BIND DNS server.

Key References

• Root Servers Map – Overview of global DNS root server infrastructure.
• IANA – Internet Assigned Numbers Authority
• Service Name & Port Number Registry
• CERN WorldWideWeb Rebuild (2019) – Interactive historical browser demo.
• The CERT Division – Carnegie Mellon
• Assigned Internet Protocol Numbers
• IEEE 802.3 Ethernet Working Group
• ICANN – Internet Corporation for Assigned Names and Numbers
• The Wayback Machine

Key References & RFCs

See the RFC Index for official protocol specs. Notable examples:

• HTTP: RFC 7230–7235, RFC 7540 (HTTP/2), draft for HTTP/3.
• DNS: RFC 1034, RFC 1035, RFC 8484 (DoH).
• TCP: RFC 793, RFC 1122, RFC 5681.
• UDP: RFC 768, RFC 8085.
• IP: RFC 791, RFC 2460 (IPv6), RFC 1958.
• SMTP/IMAP/POP3: RFC 5321, RFC 3501, RFC 1939.
• DHCP: RFC 2131, RFC 3046.
• BGP/OSPF/ARP: RFC 1771, RFC 2328, RFC 826.