https://github.com/emrekybs/bluefish

Automation tool designed to simplify the analysis of PCAP (Packet Capture) files
incident-response pcap pcap-analyzer pcap-files python security-automation tshark wireshark

# BlueFish

BlueFish is a Python-based automation tool designed to simplify the analysis of PCAP (Packet Capture) files. It leverages the power of Wireshark's command-line tool, tshark, to extract valuable information from network captures. With BlueFish, you can quickly identify potential login attempts, analyze network traffic patterns, and extract various network artifacts.

### Key Features:
* Extracts potential login attempts and credentials.
* Analyzes IP and MAC addresses.
* Retrieves embedded objects from network traffic.
* Identifies email addresses and HTTP requests.
* Provides insights into protocols, DNS queries, ICMP packets, SMB operations, FTP sessions, and TLS handshakes.

BlueFish streamlines the process of PCAP analysis, making it easier for security professionals and network analysts to gain insights into network activities.

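# Installation Instructions

```bash
# Python's own subprocess and os modules are part of the standard library and
# need no pip install; the two pip lines below fetch third-party PyPI packages
# published under these names.
pip install subprocess.run
pip install os-sys

# Fetch the tool and run it (tshark must be installed, since BlueFish calls it).
git clone https://github.com/emrekybs0/BlueFish.git
cd BlueFish
chmod +x BlueFish.py
python3 BlueFish.py
```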