"The Codenomicon tools are amazing. Using them is like being attacked by the most relentless adversary who uses every possible method to find flaws in your code

We fixed subtle crash bugs in Samba that had been in the code for over ten years. We would never have found those bugs without the Codenomicon tools.

If you're serious about implementing protocols correctly, you need the Codenomicon tools."

-- Jeremy Allison,
   Co Creator of Samba

"Codenomicon has found a critical focus area which expands beyond web testing, where the XML industry has an opportunity to proactively assess the security holes contained in everyday services used by the general public. I would hope the industry warmly welcomes both the research results and an innovative testing solution to help diagnose the problems."

Prof. Howard A. Schmidt
former White House Cyber Security advisor & Codenomicon board member

Codenomicon Logster

Codenomicon Logster

Overview | Features and Benefits | Videos


The Codenomicon Logster is an easy-to-use precision tool for visualizing your data. Replay your test runs and network recordings in a map view. You can replay millions of log entries recorded over extensive periods of time and gain understanding of what happened and when. For more in depth troubleshooting and mitigation, combine the tool with the Network Analyzer and Defensics Fuzzers.

The Logster became famous for being the technology behind the Kaminsky DNS repair analysis and F-Secure botnet IRC videos. Over the years, a number of improvements have been made Logster. However, the main reason for its success continues to be its simplicity and ease of use. Find out more about the cool things the Logster can do.


  • Easy data downloads

    The Logster creates visualizations of Apache-style access logs. It even supports gzip-compressed logfiles without the need for extra disk space for uncompressing.

  • Broad logfile format support

    The Logster supports all common and combined logfile formats. No matter what file format your network recorders use, you can display the data with the Logster.

  • Powerful visualizations

    You can view the visualizations either with an interactive timeline or as a video displaying the traffic on a world map. The Logster represents different types of events with different colors, making it easy to spot irregular events.


  • Analyze large amounts of data quickly and effectively

    The Logster allows you to replay millions of log entries recorded over extensive periods of time. The Logster's color tagging capabilities and the video replay options make it easy to spot abnormal events from large masses of data.

  • Get a quick and easy overview

    From the world map video it easy to spot, what is happening in the network. With the help of the adjacent timeline view you can determine exactly when the event took place. However, for for advanced network diagnostics combine the Logster with the Network Analyzer.

Getting more from Logster:

The Network Analyzer for more advanced network diagnostics:

The Logster's is an excellent streamlined tool for visualizing network traffic, but it offers limited assistance in more in depth troubleshooting. Combine the Logster with the Network Analyzer to know exactly what happenend, where and when. The Network Analyzer allows you to drill up and down from high level map and network visualizations to individual packet data making troubleshooting easy.

Find out more about the Codenomicon Network Analyzer from: www.codenomicon.com/analyzer

Defensics Fuzzers for fixing the vulnerabilities enabling the exploit

The Logster allows to see actual exploits and other irregular events taking place. However, to fix the vulnerabilities enabling or causing these events, you first need to find them. The Defensics testing tools use a technique called Fuzzing, which is widely used by hackers and security experts. Fuzzing has demonstrated unparalleled efficiency in finding previously unknown zero-day vulnerabilities. These zero-day vulnerabilities, are the ones you should focus on, because they are the vulnerabilities hackers seek to find and exploit.

Find out more about the Codenomicon Defensics from: www.codenomicon.com/defensics


We wanted to try out how much data our Logster code can conveniently visualize. So we downloaded the whole English Wikipedia's revision history, available at http://download.wikimedia.org/ in easily parseable XML. Processing and sorting it by time was a breeze. Thanks, Wikipedia people. Read More...

This video is a short visualization of spreading of a web link, as seen from the web server's access logs. A short baseline from a couple of days before the spread is shown first. It followed by a period of high traffic, starting somewhere between 2008-03-25 and 2008-03-26.

This is a visualization presenting doxpara DNS repair data. More information: KaminskyDNS

A visualization about botnet C&C locations and activity during five days. White flashes are IRC channel joins made by infected hosts, red shows an approximation of overall area of the infection.

Contact us for more information

Learn more about how DEFENSICS can reduce your risk of zero-day attacks
Sign up for our newsletter