PaulDotCom mailing list archives
pcaps and scapy....
From: mailinglistmatt at gmail.com (Matt Erasmus)
Date: Wed, 20 Jan 2010 14:08:37 +0200
Good morning all,

So I've been messing around with the latest forensic challenges from http://forensicscontest.com/ and http://honeynet.org/challenges and some of the questions / requirements need a brief summary of packets and the like.

So I wrote (read: badly hacked) together some code with scapy to get the job done. Please feel free to download/laugh at/tear apart said code from: http://www.zonbi.org/pcap_analysis_v1.tar.gz

The general idea is that it's a small set of code that you can use to display summaries (port, packet, IP address) for a specified pcap file....

General usage is ./script.py example.pcap

Hope someone out there finds it useful / humorous...

--
Matt Erasmus
/* @z0nbi / http://www.zonbi.org */
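
As an added illustration (not the script from the tarball linked above, and not written by the poster), the following computes the kind of per-address and per-port summary the message describes. It assumes a classic Ethernet pcap and uses only the Python standard library rather than scapy; the function names and the embedded sample capture are constructed for this example.

```python
import struct
import sys
from collections import Counter

def build_sample_pcap():
    """Constructed sample capture: three Ethernet/IPv4 frames, classic pcap format."""
    def frame(src, dst, proto, sport, dport):
        # Only the fields the parser reads are filled in; checksums are zero.
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                         bytes(src), bytes(dst))
        return b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HH", sport, dport) + b"\x00" * 16
    frames = [frame((10, 0, 0, 5), (10, 0, 0, 1), 17, 53000, 53),
              frame((10, 0, 0, 5), (192, 0, 2, 10), 6, 49152, 80),
              frame((192, 0, 2, 10), (10, 0, 0, 5), 6, 80, 49152)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

def summarize(data):
    """Return (packet count, Counter of IPv4 addresses, Counter of (proto, dst port))."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic microsecond pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    count, ips, ports, off = 0, Counter(), Counter(), 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        pkt = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        count += 1
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue  # not IPv4, or truncated below the IPv4 header
        ips[".".join(map(str, pkt[26:30]))] += 1  # source address
        ips[".".join(map(str, pkt[30:34]))] += 1  # destination address
        l4 = 14 + (pkt[14] & 0x0F) * 4            # honour the IP header length
        fragment_offset = struct.unpack("!H", pkt[20:22])[0] & 0x1FFF
        if pkt[23] in (6, 17) and fragment_offset == 0 and len(pkt) >= l4 + 4:
            dport = struct.unpack("!H", pkt[l4 + 2:l4 + 4])[0]
            ports[("tcp" if pkt[23] == 6 else "udp", dport)] += 1
    return count, ips, ports

if __name__ == "__main__":
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pcap()
    total, ips, ports = summarize(raw)
    print("packets:", total)
    for ip, n in ips.most_common():
        print(f"  {ip:15} {n}")
    for (proto, port), n in ports.most_common():
        print(f"  {proto}/{port:<5} {n}")
```

Run with a capture path as the first argument to summarise that file; with no argument it summarises the embedded sample. pcapng files and non-Ethernet link types are rejected with a `ValueError` rather than misparsed.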