Open Source Network Forensic Analysis Tool (NFAT) 


SniffJoke 0.2

An example of the effectiveness of SniffJoke is given by this pcap. It is easy to verify that Wireshark and other tools include the traffic generated by SniffJoke in the data they reconstruct, making the reconstruction wrong.
Try this pcap… with your best tool.

Source code

Released the source code of Xplico DEFT4 (see download).

Sniffer evasion tool

At present Xplico is unable to withstand sniffer evasion tools that manipulate the TTL (IP Time To Live). In version 0.6, Xplico will no longer be affected by this type of attack.
A good sniffer evasion tool is SniffJoke. SniffJoke prevents Xplico from reconstructing the traffic … and not only Xplico 😉 .
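
One way a reassembler can resist the TTL-based evasion described above, shown as an added example (it is not Xplico's or SniffJoke's code). It assumes decoy segments carry a TTL well below the flow's usual value, so they expire before reaching the receiver; the segment tuples and the `tolerance` parameter are constructed for illustration.

```python
from collections import Counter

# Constructed sample: (tcp_seq, ip_ttl, payload) for one direction of one flow,
# as seen by a sniffer close to the sender. Not taken from the page's pcap.
SEGMENTS = [
    (1000, 64, b"GET /index"),
    (1010, 3, b"XXXXXXXXXX"),    # decoy: arrives first, TTL too low to reach the server
    (1010, 64, b".html HTTP"),   # genuine segment for the same sequence range
    (1020, 3, b"YYYYYYYY"),      # second decoy
    (1020, 64, b"/1.1\r\n\r\n"),
]


def baseline_ttl(segments):
    """Most common TTL in this flow direction, assumed to be the genuine one.
    Limitation: a flow with more decoys than real segments skews this value."""
    return Counter(ttl for _, ttl, _ in segments).most_common(1)[0][0]


def split_by_ttl(segments, tolerance=2):
    """Separate segments whose TTL is more than `tolerance` below the baseline.
    The tolerance absorbs small TTL changes caused by legitimate route changes."""
    base = baseline_ttl(segments)
    kept, suspect = [], []
    for seg in segments:
        (suspect if base - seg[1] > tolerance else kept).append(seg)
    return kept, suspect


def reassemble(segments):
    """First-seen-wins reassembly keyed on sequence number (a simplified
    stand-in for what a naive stream reconstructor does)."""
    chosen = {}
    for seq, _, payload in segments:
        chosen.setdefault(seq, payload)
    return b"".join(chosen[seq] for seq in sorted(chosen))


if __name__ == "__main__":
    kept, suspect = split_by_ttl(SEGMENTS)
    print("naive     :", reassemble(SEGMENTS))
    print("TTL-aware :", reassemble(kept))
    for seq, ttl, _ in suspect:
        print(f"suspect segment seq={seq} ttl={ttl} (baseline {baseline_ttl(SEGMENTS)})")
```

The suspect list is worth logging on its own: a burst of low-TTL segments overlapping live sequence ranges is a detection signal even when reassembly succeeds.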