🤸 Usage Guide

🖥️ Linux (Debian)

Running ThreatNeedle:

➜ make
or
➜ sudo python3 src/main.py

Cleaning up (removes .pyc, .cap, and .cache/):

➜ make clean

🪟 Windows

Running ThreatNeedle:

➜ make
or
➜ python src/main.py

Cleaning up (removes .pyc, .cap, and .cache/):

➜ make clean

🐋 Docker

Running ThreatNeedle:

Due to the nature of this network forensic tool, the docker container has to run with the --network host flag in order to listen for network packets on the host's network interfaces. Hence, this tool will not work as intended on Windows as --network host is not supported on docker for Windows.

➜ make doc
or
➜ sudo docker build -t <name>:latest .
➜ sudo docker run --network host -ti <name> (run in interactive mode, able to view stdout, stderr)
➜ sudo docker run --network host -td <name> (run in detached mode)

Cleaning up (removes ALL images, containers, volumes, and networks):

➜ make docclean