PacketTotal Labs is an area of the site where the team can share cool projects that are still undergoing development and testing. Given the immense amount of data on the site, many of these projects focus on data analysis, machine learning, and creative ways of gathering qualitative and quantitative categorizers. Due to the complexity of these problems, tools hosted on this section of the site rely on a much more robust serverless backend for distributed tasking. The projects are listed below.
[02/23/2019] The PacketTotal API provides a much more robust search interface into the PacketTotal dataset. Search, correlate, and download PCAP files, based on their behaviors and contents.
[10/22/2018] Bulk IOC Search allows you to search as many as 100 Indicators of Compromise (IOCs) at once, returning links to relevant captures. These IOCs can be URLs, domains, hashes, IP addresses, or some other value. This tool uses a serverless backend to execute distributed searches.
[02/23/2019] The PacketTotal Search API is finally in live beta! This is a huge update for us, and provides very powerful search functionality against the PacketTotal dataset. You can read more about the Search API here.
[10/18/2018] We're working with Stratosphereips.org to ingest several hundred GB of botnet packet captures. Analysis queues may be a bit backed up over the next few weeks. Search by the keyword www.stratosphereips.org to view those uploaded so far. Tons of Kelihos traffic!