
BITMAUL : The protocol dissection framework

We released an open source, LuaJIT-based protocol dissection framework called BITMAUL.

BITMAUL can be found on its GitHub page: https://github.com/trisulnsm/bitmaul


Use cases

Bitmaul provides:

  • sweepbuf - use next_xx type calls to dissect a bitstream. Supports bit-level operations and covers most of the common packet dissection idioms
  • pdurecord - break up a bytestream into TCP messages / PDUs

Documentation and Examples can be found on the BITMAUL page

BITMAUL in Trisul Scripting

BITMAUL is a standalone library that doesn't need Trisul, but we designed it to fit our use case.

A recurring demand from Trisul script developers is to decode protocols and then either meter the traffic or generate “logs”. BITMAUL dramatically simplifies this process because it handles both TCP message segmentation and bit-level protocol dissection. You can go as deep as you want in any protocol or just decode it enough to generate metrics, resources (logs), alerts, or other kinds of action.
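The two idioms described above (message segmentation, then next_xx style dissection) sketched in plain Lua as an added example. This is not BITMAUL code and does not use its API: `Cursor`, `new_splitter`, `MAX_PDU` and the length-prefixed framing are assumptions made for the illustration.

```lua
-- Added illustration, NOT the BITMAUL API; every name below is hypothetical.
local Cursor = {}
Cursor.__index = Cursor
local function new_cursor(buf)
  return setmetatable({ buf = buf, pos = 1 }, Cursor)
end

function Cursor:next_u8()
  local b = self.buf:byte(self.pos)
  if not b then error("read past end of PDU") end
  self.pos = self.pos + 1
  return b
end
function Cursor:next_u16()                 -- big-endian (network order)
  local hi = self:next_u8()
  return hi * 256 + self:next_u8()
end
function Cursor:next_str(n)
  if self.pos + n - 1 > #self.buf then error("read past end of PDU") end
  self.pos = self.pos + n
  return self.buf:sub(self.pos - n, self.pos - 1)
end

-- Constructed framing: [u16 total length][u8 = version:4 | type:4][payload]
local MAX_PDU = 4096   -- the length field is peer-controlled, so bound it

-- Buffers TCP payload chunks and calls on_pdu once per complete PDU.
local function new_splitter(on_pdu)
  local pending = ""
  return function(chunk)
    pending = pending .. chunk
    while #pending >= 2 do
      local len = new_cursor(pending):next_u16()
      if len < 3 or len > MAX_PDU then error("bad PDU length " .. len) end
      if #pending < len then break end     -- PDU still incomplete
      on_pdu(pending:sub(1, len))
      pending = pending:sub(len + 1)
    end
  end
end

local feed = new_splitter(function(pdu)
  local c = new_cursor(pdu)
  local len = c:next_u16()
  local flags = c:next_u8()
  print(len, math.floor(flags / 16), flags % 16, c:next_str(len - 3))
end)
-- Constructed stream: two PDUs cut at offsets that ignore PDU boundaries.
local stream = "\0\8\18hello" .. "\0\5\33ok"
for _, chunk in ipairs({ stream:sub(1, 3), stream:sub(4, 9), stream:sub(10) }) do
  feed(chunk)
end
```

A production reassembler would drop or flag the flow on a bad length rather than raise an error, so one malformed stream cannot stop the script.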


lua/bitmaul.txt · Last modified: 2018/12/13 16:26 by veera