
Second Release - Protocol dissection

We are pleased to announce the second release of Haka, an open source security-oriented language, which introduces a lot of new features and cool stuff:

  • Protocol grammar: This new version features a new grammar for specifying text-based as well as binary-based network protocols, which avoids wasting time on tedious and error-prone coding of protocol dissectors. The resulting specification process generates a parser and provides read/write access to all protocol fields.

  • Protocol state machine: this second version also provides a new way to describe protocol state machines, which was used to rework the specification of complex protocols such as tcp.

  • Available protocols: thanks to the above features, we have rewritten, with little effort, the specification of the protocols available in the initial version (tcp, http) and defined new ones (icmp, udp, dns).

  • Pattern matching engine: we have added a new stream-based regular expression engine based on PCRE that can detect malicious patterns across multiple packets and that is more expressive than the built-in Lua engine.

  • API improvements: the Haka API has been improved, introducing efficient access to network streams using a virtual buffer concept.

  • Console: you can monitor a haka daemon using the console feature, which lets you get some statistics about traffic and drop/reset connections if needed.

  • Writing your own modules: you can now extend Haka with your favorite module by following the steps, recommendations, and coding style of the developer guide. Your contributions are welcome.

  • Additional features: finally, this new version has additional features such as ip fragmentation support, live ISO image workshop, additional tutorials and multiple bug fixes.

We are already working on the next release, which will focus mainly on optimizing Haka's performance.