nDPI DocumentationΒΆ
nDPI is an open source DPI (Deep Packet Inspection) toolkit for traffic analysis.
- Library API
- nDPI Protocols List
- nDPI Flow Risks
- NDPI_URL_POSSIBLE_XSS
- NDPI_URL_POSSIBLE_SQL_INJECTION
- NDPI_URL_POSSIBLE_RCE_INJECTION
- NDPI_BINARY_APPLICATION_TRANSFER
- NDPI_KNOWN_PROTOCOL_ON_NON_STANDARD_PORT
- NDPI_TLS_SELFSIGNED_CERTIFICATE
- NDPI_TLS_OBSOLETE_VERSION
- NDPI_TLS_WEAK_CIPHER
- NDPI_TLS_CERTIFICATE_EXPIRED
- NDPI_TLS_CERTIFICATE_MISMATCH
- NDPI_HTTP_SUSPICIOUS_USER_AGENT
- NDPI_NUMERIC_IP_HOST
- NDPI_HTTP_SUSPICIOUS_URL
- NDPI_HTTP_SUSPICIOUS_HEADER
- NDPI_TLS_NOT_CARRYING_HTTPS
- NDPI_SUSPICIOUS_DGA_DOMAIN
- NDPI_MALFORMED_PACKET
- NDPI_SSH_OBSOLETE_CLIENT_VERSION_OR_CIPHER
- NDPI_SSH_OBSOLETE_SERVER_VERSION_OR_CIPHER
- NDPI_SMB_INSECURE_VERSION
- NDPI_TLS_SUSPICIOUS_ESNI_USAGE
- NDPI_UNSAFE_PROTOCOL
- NDPI_DNS_SUSPICIOUS_TRAFFIC
- NDPI_TLS_MISSING_SNI
- NDPI_HTTP_SUSPICIOUS_CONTENT
- NDPI_RISKY_ASN
- NDPI_RISKY_DOMAIN
- NDPI_MALICIOUS_JA3
- NDPI_MALICIOUS_SHA1_CERTIFICATE
- NDPI_DESKTOP_OR_FILE_SHARING_SESSION
- NDPI_TLS_UNCOMMON_ALPN
- NDPI_TLS_CERT_VALIDITY_TOO_LONG
- NDPI_TLS_SUSPICIOUS_EXTENSION
- NDPI_TLS_FATAL_ALERT
- NDPI_SUSPICIOUS_ENTROPY
- NDPI_CLEAR_TEXT_CREDENTIALS
- NDPI_DNS_LARGE_PACKET
- NDPI_DNS_FRAGMENTED
- NDPI_INVALID_CHARACTERS
- NDPI_POSSIBLE_EXPLOIT
- NDPI_TLS_CERTIFICATE_ABOUT_TO_EXPIRE
- NDPI_PUNYCODE_IDN
- NDPI_ERROR_CODE_DETECTED
- NDPI_HTTP_CRAWLER_BOT
- NDPI_ANONYMOUS_SUBSCRIBER
- NDPI_UNIDIRECTIONAL_TRAFFIC
- NDPI_HTTP_OBSOLETE_SERVER
- NDPI_PERIODIC_FLOW
- NDPI_MINOR_ISSUES
- NDPI_TCP_ISSUES