Copyright 2021-2025, Battelle Energy Alliance, LLC, ALL RIGHTS RESERVED
A Python data visualization plotting tool created for unknown binary protocol analysis.
Blue Keanu ingests .pcapng files.
Blue Keanu outputs waterfall plots of the binary "ones" (hence the reference to The Matrix) in each captured packet, laid out along the X axis. The Y axis is the capture time.
This software lets the user visualize Wireshark or other network capture logs as a waterfall display in which data that looks unique or atypical, such as commands a human entered over the network in a non-repetitive manner, can be found quickly.
- You can click on a bit (or an area) of interest, and it will plot the packet and data offset you are looking at.
- It was handy for me when dissecting a noisy software-polled PLC session with an undocumented binary protocol.
- The waterfall plot gives good visual feedback for atomic or asynchronous (human?) events in a large amount of data.
- You can see asynchronous events in the packet noise and figure out what packets were interesting to analyze by hand.
- Blue Keanu supports zoom, box select, etc.
- An example .pcapng capture from Wireshark and a sample screenshot of what the tool looks like were added.
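
The sketch below is an added example, not Blue Keanu's own code. It shows the idea behind the waterfall: each packet's 1 bits become X positions on a row at its capture time, a clicked X position maps back to a byte and bit offset, and rows that break the repeating poll pattern stand out. The packet bytes are constructed, the function names are hypothetical, and MSB-first bit order and exact-payload comparison are assumptions made for the illustration.

```python
from collections import Counter

# Constructed sample: (capture time in seconds, payload bytes). A poll repeats
# every 0.5 s; the packet at t=1.7 stands in for an operator-entered command.
PACKETS = [
    (0.0, bytes.fromhex("0103000a0001")),
    (0.5, bytes.fromhex("0103000a0001")),
    (1.0, bytes.fromhex("0103000a0001")),
    (1.5, bytes.fromhex("0103000a0001")),
    (1.7, bytes.fromhex("01060010ff00a5")),
    (2.0, bytes.fromhex("0103000a0001")),
]

def one_bits(payload):
    """X positions (bit index, MSB first) of every 1 bit in the payload."""
    return [i * 8 + b for i, byte in enumerate(payload)
            for b in range(8) if byte & (0x80 >> b)]

def waterfall_points(packets):
    """(x, y, packet_no) scatter points: x = bit index, y = capture time."""
    return [(x, t, n) for n, (t, data) in enumerate(packets)
            for x in one_bits(data)]

def locate(x):
    """Map a clicked X position to (byte offset, bit within byte, MSB = 0)."""
    return divmod(x, 8)

def atypical(packets):
    """Packet numbers whose payload differs from the most common payload."""
    common, _ = Counter(data for _, data in packets).most_common(1)[0]
    return [n for n, (_, data) in enumerate(packets) if data != common]

def ascii_waterfall(packets):
    """Text rendering: one row per packet, '1' where a bit is set."""
    width = max(len(data) for _, data in packets) * 8
    rows = []
    for t, data in packets:
        ones = set(one_bits(data))
        rows.append(f"{t:5.1f} " + "".join(
            "1" if x in ones else "." for x in range(width)))
    return "\n".join(rows)

if __name__ == "__main__":
    print(ascii_waterfall(PACKETS))
    print("atypical packets:", atypical(PACKETS))
```

Run as a script, it prints one row per packet; the row at 1.7 s is longer and denser than the identical poll rows around it.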