Security/Forensic Tool: AIM Sniff

  • Article

AIM Sniff is a utility for monitoring and archiving AIM and MSN messages across a network. It can be used to monitor for cases of harassment or warez trading. It has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an IM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with IM login names (handles). MSN sniffing support was added. The code was modularized for ease of contribution and protocol development.

https://freshmeat.net/projects/aimsniff

Urs