{"id":25263872,"url":"https://github.com/flexidriod/packet-sniffer-security","last_synced_at":"2025-04-06T01:15:37.810Z","repository":{"id":276688586,"uuid":"929980082","full_name":"FlexiDriod/Packet-Sniffer-Security","owner":"FlexiDriod","description":"🚀 Internet Packet Sniffer - Advanced Network Traffic Analyzer 🔍","archived":false,"fork":false,"pushed_at":"2025-02-09T21:59:01.000Z","size":17,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-06T01:15:34.273Z","etag":null,"topics":["cpp","forensics-tools","intrusion-detection","network-analysis","npcap-sdk","packet-capture","packet-sniffer","windows-11"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/FlexiDriod.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-09T20:42:21.000Z","updated_at":"2025-03-05T18:03:59.000Z","dependencies_parsed_at":"2025-02-09T21:39:00.596Z","dependency_job_id":null,"html_url":"https://github.com/FlexiDriod/Packet-Sniffer-Security","commit_stats":null,"previous_names":["flexidriod/packet-sniffer-security"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FlexiDriod%2FPacket-Sniffer-Security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FlexiDriod%2FPacket-Sniffer-Security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FlexiDriod%2FPacket-Sniffer-Security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/FlexiDriod%2FPacket-Sniffer-Security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/FlexiDriod","download_url":"https://codeload.github.com/FlexiDriod/Packet-Sniffer-Security/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247419864,"owners_count":20936014,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cpp","forensics-tools","intrusion-detection","network-analysis","npcap-sdk","packet-capture","packet-sniffer","windows-11"],"created_at":"2025-02-12T07:26:11.015Z","updated_at":"2025-04-06T01:15:37.780Z","avatar_url":"https://github.com/FlexiDriod.png","language":"C++","readme":"# 🚀 Internet Packet Sniffer - Network Traffic Analyzer\n\n## 🌐 Overview\nInternet Packet Sniffer is a powerful network traffic analyzer for Windows, built with C++. It captures live network packets, detects malicious activities, and integrates GeoIP tracking using PostgreSQL/PostGIS. This tool is designed for cybersecurity professionals to analyze DDoS attacks, port scans, TLS handshakes, and blocklisted IPs in real-time.\n\n## 🔥 Features\n✅ **Live Packet Capture** - Monitors network packets in real-time using Npcap.  \n✅ **DDoS \u0026 UDP Flood Detection** - Alerts when excessive traffic is detected.  \n✅ **Port Scan Detection** - Identifies potential reconnaissance activities.  \n✅ **Blocklisted IP Alerts** - Flags known malicious IP addresses.  \n✅ **TLS/SSL Detection** - Detects encrypted connections.  \n✅ **ICMP (Ping) Monitoring** - Identifies ping scans and network probing.  \n✅ **GeoIP Lookup** - Determines the geographical location of IPs.  \n✅ **JSON Logging** - Stores alerts for post-analysis.  \n✅ **Portable \u0026 Lightweight** - Runs efficiently without additional dependencies.  \n\n---\n## 🛠 Installation\n\n### **Prerequisites**\n- **Windows 10/11 (64-bit)**\n- **Npcap** (for packet capturing)\n- **PostgreSQL + PostGIS** *(optional, for GeoIP lookup)*\n- **C++ Compiler** *(Clang64, MSVC, or MinGW)*\n\n### **Step 1: Install Dependencies**\n1. Install **Npcap** (Ensure *\"WinPcap API-compatible mode\"* is checked).\n2. Install **PostgreSQL** and **PostGIS** (if using GeoIP detection).\n3. Set PostgreSQL password as an environment variable:\n   ```cmd\n   setx PG_PASSWORD \"your_database_password\"\n   ```\n\n### **Step 2: Setup the GeoIP Database (Optional but Recommended)**\nIf you want GeoIP tracking, you need to:\n\n1. **Download** GeoLite2 databases (City, Country, ASN) from [MaxMind](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data).\n2. **Create a PostgreSQL database and tables**:\n   ```sql\n   CREATE DATABASE geoip;\n   \\c geoip;\n   CREATE EXTENSION postgis;\n   \n   CREATE TABLE geoip_city (\n       network CIDR PRIMARY KEY,\n       geoname_id INT,\n       registered_country_geoname_id INT,\n       represented_country_geoname_id INT,\n       is_anonymous_proxy BOOLEAN,\n       is_satellite_provider BOOLEAN\n   );\n\n   CREATE TABLE geoip_asn (\n       network CIDR PRIMARY KEY,\n       autonomous_system_number INT,\n       autonomous_system_organization TEXT\n   );\n\n   CREATE TABLE geoname_location (\n       geoname_id INT PRIMARY KEY,\n       locale_code TEXT,\n       continent_name TEXT,\n       country_name TEXT,\n       subdivision_name TEXT,\n       city_name TEXT,\n       metro_code INT,\n       time_zone TEXT\n   );\n   ```\n3. **Import GeoIP data** from CSV files into the respective tables.\n\n### **Step 3: Clone and Build**\n```cmd\ngit clone https://github.com/yourusername/internet-packet-sniffer.git\ncd internet-packet-sniffer\nmkdir build \u0026\u0026 cd build\ncmake ..\ncmake --build .\n```\n\n---\n## 🎯 Usage\nRun the application with administrator privileges:\n```cmd\n./packet_sniffer.exe\n```\nExample output:\n```log\n[INFO] IP Layer:\nSrc IP: 192.168.1.10 (United States) -\u003e Dest IP: 192.168.1.1\n[ALERT] 🚨 Possible DDoS from: 203.0.113.5 (Packets: 105)\n```\n\n---\n## 🌟 Alert System\n| Alert Type       | Severity   | Description                           |\n|-----------------|-----------|---------------------------------------|\n| DDoS Attack     | 🔴 Critical | High packet rate detected             |\n| UDP Flood       | 🔴 High     | Unusual UDP packet burst              |\n| Port Scan       | 🟠 Medium   | Multiple connection attempts detected |\n| Blocklisted IP  | 🔴 Critical | Malicious IP detected                 |\n| TLS Handshake   | 🟡 Medium   | Encrypted connection detected         |\n| ICMP Ping Scan  | 🟡 Low      | Possible reconnaissance               |\n\n---\n## 📂 Log Files\n- **Security Alerts** - Stored in JSON format.\n- **Packet Captures** - Saved in `Packet_Captures/` with timestamps.\n\n---\n## 🛡 Security Considerations\n- Run with **admin privileges** to capture all packets.\n- Use a **secure PostgreSQL connection** for GeoIP queries.\n\n---\n## 🚀 Future Enhancements\n- 📌 **GUI Support** (for better user experience)\n- 📌 **More Protocol Analysis** (HTTP, DNS, etc.)\n- 📌 **Machine Learning-based Intrusion Detection**\n\n---\n## 🤝 Contributing\nWant to improve this project? Contributions are welcome!\n1. Fork the repository.\n2. Create a new branch:\n   ```cmd\n   git checkout -b feature-branch\n   ```\n3. Commit your changes:\n   ```cmd\n   git commit -m 'Add new feature'\n   ```\n4. Push to the branch:\n   ```cmd\n   git push origin feature-branch\n   ```\n5. Create a Pull Request.\n\n---\n## 🐝 License\nThis project is licensed under the **MIT License**.\n\n---\n## ❤️ Support \u0026 Feedback\n🌟 **Star this repo** if you found it useful!  \n🐛 **Report issues** via GitHub Issues.  \n🤝 **Join discussions** in the community.\n\n---\n🚀 **Internet Packet Sniffer - Empowering Cybersecurity Enthusiasts!** 🔥\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflexidriod%2Fpacket-sniffer-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fflexidriod%2Fpacket-sniffer-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflexidriod%2Fpacket-sniffer-security/lists"}