Trafscrambler is an anti-sniffer/IDS LKM(Network Kernel Extension) for OSX, licensed under BSD.
- Injection of packets with bogus data and with randomly selected bad TCP cksum or bad TCP sequences
- Userland binary(tsctrl) for controlling trafscrambler NKE
- SYN decoy – sends out number of SYN pkts before the original SYN pkt
- TCP reset attack – sends out RST/FIN pkt with bad sequence
- Pre-connection SYN – sends out SYN with wrong TCP-checksum
- Post-connection SYN – sends out fake SYN after connection establishment
- Zero Window – send out pkt with “0” window set.
You can download Trafscrambler 0.2 here:
Or read more here.