https://github.com/bonifield/pcapvis

PCAP Force-Directed Graph Generator
https://github.com/bonifield/pcapvis

Last synced: about 1 year ago
JSON representation

PCAP Force-Directed Graph Generator

• Host: GitHub
• URL: https://github.com/bonifield/pcapvis
• Owner: bonifield
• Created: 2017-05-19T20:37:25.000Z (about 9 years ago)
• Default Branch: master
• Last Pushed: 2020-01-30T02:14:50.000Z (over 6 years ago)
• Last Synced: 2025-05-07T21:04:44.647Z (about 1 year ago)
• Language: Python
• Size: 411 KB
• Stars: 7
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# pcapVis

PCAP Force-Directed Graph Generators

- Requires Python 2.6+, GraphViz, and TShark

- Install Requirements: ```sudo apt-get install graphviz tshark -y```

- Usage:  ```script.py yourfile.pcap``` OR ```script.py yourfile.pcap tls```

## Updates

- 29 Jan 2020

	- added quick-and dirty tls flag, to convert the ssl.* fields to tls.*

 

## TO DO

- use argparse and subprocess

- major code refactoring

- check if successful before displaying "made xyz" message

- better output filename

- perhaps combine into one script...

## pcapVis-connections.py

Produces a basic force-directed link graph that also highlights SSH connections

![pcapVis-connections.py](https://github.com/bonifield/pcapVis/blob/master/conn-snippet.PNG)

## pcapVis-httpRequestChain.py

Produces a URLQuery.net-like HTTP/SSL force-directed link graph of web connections

- note that this version only supports http referrers, and not .location redirects, etc (work in progress)

![pcapVis-httpRequestChain.py](https://github.com/bonifield/pcapVis/blob/master/chain-snippet.PNG)