May 26, 2018
Passively detect network assets
PADS is a signature based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.
Passive Records and identifies traffic seen on a network without actively “scanning” a system. There will never be a packet sent from the pads applications.
Portable Has the ability to be placed easily on a remote system. Does not require additional external libraries other than those associated with libpcap.
Lightweight Logging is sent to a simple CSV file. There is no need for a database or other data repository installed on the local machine. All correlation is done outside of the pads program.