Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mikehorn-git/psqlhunter
Hunt sql commands in pcap.
forensics network-forensics pcap pyshark python sql sqlinjection threat-hunting
Last synced: about 10 hours ago
- Host: GitHub
- URL: https://github.com/mikehorn-git/psqlhunter
- Owner: MikeHorn-git
- License: mit
- Created: 2024-05-03T21:16:34.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2024-10-24T19:15:42.000Z (25 days ago)
- Last Synced: 2024-10-26T05:39:15.370Z (23 days ago)
- Topics: forensics, network-forensics, pcap, pyshark, python, sql, sqlinjection, threat-hunting
- Language: Python
- Homepage:
- Size: 35.2 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Description
Speeds up SQL injection detection in pcap files for forensic analysts.
Detects SQL requests in a pcap and renders them in a friendlier output.
# Screenshot
![image](https://github.com/MikeHorn-git/PsqlHunter/assets/123373126/feb9e3fe-dad1-4d23-af19-e74285fbae1e)
# Requirement
* [Tshark](https://www.wireshark.org/docs/man-pages/tshark.html)
# Installation
```bash
git clone https://github.com/MikeHorn-git/PsqlHunter.git
cd PsqlHunter/
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
```
# Usage
```bash
usage: PsqlHunter.py [-h] [--csv] [--json] [--output OUTPUT] pcap

Hunt sql commands in pcap.

positional arguments:
  pcap             Path to the pcap file or folder containing pcap files

options:
  -h, --help       show this help message and exit
  --csv            Export results to CSV
  --json           Export results to JSON
  --output OUTPUT  Path to the output folder
```
# To-Do
- [ ] Reduce possible false positives