Truffle is a sophisticated network traffic analysis tool that combines packet capture capabilities with AI-powered analysis. It monitors network traffic in real-time, identifies patterns, and provides intelligent insights about network behavior and potential anomalies.
- Real-time network packet capture and analysis
- TLS/SNI detection and tracking
- DNS request monitoring
- AI-powered traffic analysis and anomaly detection
- Configurable filtering system
- Rate-limited API usage
- Detailed connection tracking
- Debug mode for detailed output
- Go 1.16 or later
- libpcap development libraries
- OpenAI API key
- Clone the repository:
git clone https://github.com/doxx/truffle.git
cd truffle- Install dependencies:
go mod download- Build the project:
make buildRun Truffle with the following command:
./bin/truffle -i <interface> -k <openai-api-key> [-debug]-i: Network interface to capture on (required)-k: OpenAI API key (required)-debug: Enable debug output (optional)
The project consists of several key components:
truffle.go: Main application logic and packet captureai_analyzer.go: AI-powered analysis and OpenAI integrationfilter.go: Filtering system implementationtypes.go: Common type definitions
make buildmake testTo be determined.
Contributions are welcome! Please feel free to submit a Pull Request.