OpenAttackDefenseTools / tulip

Network analysis tool for Attack Defence CTF
GNU General Public License v3.0

[feature request] Add number of matches in labels #8

Open erdnaxe opened 1 year ago

erdnaxe commented 1 year ago

Currently Tulip adds a FLAG label on a flow when the flag regex has one or more matches. It would be useful to store how many times the regex matched the TCP data, then display it like FLAG x3.

This could be useful to spot an unusual number of flags in a TCP flow.
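
A sketch of the counting this request describes, added here as an illustration and not taken from Tulip or the TeamItaly fork. The flag regex, the `(direction, payload)` flow shape, the function names and the choice to show a plain `FLAG` for a single match are all assumptions; the sample flow is constructed.

```python
import re
from collections import defaultdict

# Assumed flag format for this example; a real setup uses the CTF's own regex.
FLAG_REGEX = re.compile(rb"[A-Z0-9]{31}=")

# Constructed sample flow: one (direction, payload) tuple per TCP segment.
# The third flag is split across the last two server segments.
SAMPLE_FLOW = [
    ("c2s", b"GET /notes?id=1 HTTP/1.1\r\n\r\n"),
    ("s2c", b"HTTP/1.1 200 OK\r\n\r\n" + b"A" * 31 + b"=\n"),
    ("s2c", b"B" * 31 + b"=\n" + b"C" * 16),
    ("s2c", b"C" * 15 + b"=\n"),
]


def count_flags_per_segment(flow, regex=FLAG_REGEX):
    """Naive count: match each segment alone (misses flags split across segments)."""
    return sum(len(list(regex.finditer(payload))) for _, payload in flow)


def count_flags(flow, regex=FLAG_REGEX):
    """Return {direction: count}, matching on the reassembled stream per direction."""
    streams = defaultdict(bytearray)
    for direction, payload in flow:
        streams[direction] += payload
    return {d: len(list(regex.finditer(bytes(s)))) for d, s in streams.items()}


def flag_label(flow, regex=FLAG_REGEX):
    """Build the label text: None, 'FLAG', or 'FLAG xN' for N > 1 matches."""
    total = sum(count_flags(flow, regex).values())
    if total == 0:
        return None
    return "FLAG" if total == 1 else f"FLAG x{total}"


if __name__ == "__main__":
    print("per-segment count:", count_flags_per_segment(SAMPLE_FLOW))
    print("reassembled count:", count_flags(SAMPLE_FLOW))
    print("label:", flag_label(SAMPLE_FLOW))
```

Counting on the reassembled stream rather than per segment keeps the number stable when a flag straddles a segment boundary, which matters if the count is used to flag flows that leak several flags at once.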

devgianlu commented 1 year ago

We had this feature on the TeamItaly fork; I'll make a PR in the next few weeks.