This repository contains a project focused on analyzing PCAP (Packet Capture) files using Python and Jupyter Notebook. The project includes scripts and data files necessary to perform a comprehensive analysis of network traffic captured in PCAP format.
This project demonstrates how to use Python libraries like dpkt to parse and analyze network traffic captured in PCAP files. It includes several PCAP files capturing various network activities and a Jupyter Notebook to perform detailed analysis.
The project includes the following files:
- ass1_1.pcap: Packet capture file 1 for analysis.
- ass1_2.pcap: Packet capture file 2 for analysis.
- ass1_3.pcap: Packet capture file 3 for analysis.
- pcap_http_analysis.py: Python script for parsing and analyzing HTTP traffic in PCAP files.
- pcap_analysis_notebook.ipynb: Jupyter Notebook containing the code for analyzing the captured network traffic.
Requirements:
- Python 3.x
- Jupyter Notebook
- dpkt library
Installation:
- Clone this repository:
  git clone https://github.com/yourusername/pcap-analysis.git
  cd pcap-analysis
- Install the required Python packages:
  pip install jupyter dpkt
- Analyze a PCAP File:
  - Run the Python script with the PCAP file as an argument:
    python pcap_http_analysis.py ass1_1.pcap
- Analyze Captured Traffic:
  - Open Jupyter Notebook:
    jupyter notebook
  - Open the pcap_analysis_notebook.ipynb file in Jupyter.
  - Run the cells in the notebook to load and analyze the captured network traffic data.
The pcap_analysis_notebook.ipynb notebook and pcap_http_analysis.py script include the following analyses:
- Parsing the PCAP files to extract HTTP traffic.
- Analyzing HTTP requests and responses.
- Identifying specific URI patterns and headers in HTTP requests.