Blog Archives

Scapy: pcap 2 streams

Morning readers, I thought I would start Monday morning with another piece of Scapy/Python coding goodness. This time though for an added treat I’ve thrown in a bit of tshark not because Scapy isn’t awesome but for this piece of

Posted in packets, Scapy

Scapy: pcap 2 convo

So the 3rd blog post of the day is a cool function in Scapy called conversations. Essentially this takes a pcap file and outputs an image of all the conversations between IP addresses. To run this in Scapy you would

Posted in packets, Scapy

Scapy: pcap 2 dns

So the second piece of code in my series on the python & Scapy lovefest is another simple bit of code that looks through a pcap file and pulls out some DNS information. The initial thought behind this was making

Posted in packets, Scapy

Scapy: pcap 2 geoip

So I’ve been a bit “relaxed” lately with blog posts, simply because I’ve not had anything to say or share. To be honest the last couple of months my training has gone a bit all over the place and I’ve

Posted in packets, Scapy

Python: Kippo 2 Cuckoo

So I’m a bit late with this blog post as I wrote the code a couple of weeks ago, but as they say “better late than never”. A couple of weeks ago on Twitter @stevelord raised a question about the

Posted in Honeypot, Malware, Python

Scapy – pcap IP rewrite

Hello reader(s), this is just a quick post to share some new code I wrote tonight, you might find it useful or you might not. So I’ve been trying to think of some new transforms to write for sniffMyPackets and

Posted in packets, Python, Scapy, sniffMyPackets

Code: Junk Email Downloader

So a while back someone on Twitter (sorry can’t remember who..) mentioned that when looking for sources of Malware to analyse you shouldn’t overlook your junk/spam emails. What a good idea I thought, let’s write some code to do that

Posted in Malware, Python

Code: PDF hunter

So of late I’ve been playing around a lot with Scapy and pcap files, mostly for my sniffMyPackets project but also because it teaches me more about network forensics and python. The other area I’m starting to learn about is

Posted in General, packets, Python, Scapy

sniffMyPackets: Finding Tor

I don’t normally do short random posts but I figure once in a while won’t hurt. So I’ve been busy working on new transforms for my Maltego pcap analysis package and things are moving along nicely. Part of my process

Posted in Python, sniffMyPackets

sniffMyPackets (Beta) – Released!!

Hello readers, so I just want to say something before I get into the “meat” of this post…. (bear with me) I don’t work in InfoSec, I don’t have a full-time job where I poke holes in systems, or look

Posted in Python, sniffMyPackets

Disclaimer

This is my personal blog, all data and information provided on this site is for informational purposes only. The views expressed on these pages are mine alone and not those of my employer.

I will from time to time post something that might be slightly or massively inaccurate, this is not due to laziness but merely to the fact that I'm not perfect and let’s face it neither are you, otherwise you wouldn't be reading my blog (unless Google lied to you..).

I welcome all comments and emails, which are presented in a positive and constructive manner, however I withhold the right to delete or not publish any comments that I feel are "negative". After all if you are taking the time to read and then comment why not do it in a positive manner.
