PcapOrNotPcap is a script to parse the pcap file with scapy.
- Download the script
- Have a pcap file to parse
- pip install scapy
Usage: PcapOrNotPcap [-h] [-a] [-ip] [-p] [-m] [-u] [-ic] [-d] [-e] <file.pcap>
Options:
-h Show this message
-a General parsing
-ip Parse IP (IP src / IP dst), IP Layer
-p Parse ports (ports src / ports dst), TCP Layer
-m Parse MAC address (MAC src / MAC dst), Ether Layer
-u Parse ports (port src / ports dst), UDP Layer
-ic Parse icmp paquet, ICMP Layer
-d Parse data from paquets (all layer)
-e If executable find in data then try to export this in 'output' directory. (Bug with zipfile and password - soon implemented)