https://github.com/mikehorn-git/psqlhunter
Hunt sql commands in pcap.
forensics network-forensics pcap pyshark python sql sqlinjection threat-hunting
- Host: GitHub
- URL: https://github.com/mikehorn-git/psqlhunter
- Owner: MikeHorn-git
- License: mit
- Created: 2024-05-03T21:16:34.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-10-24T19:15:42.000Z (over 1 year ago)
- Last Synced: 2024-10-26T05:39:15.370Z (over 1 year ago)
- Topics: forensics, network-forensics, pcap, pyshark, python, sql, sqlinjection, threat-hunting
- Language: Python
- Homepage:
- Size: 35.2 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Description
Make SQL injection (SQLi) detection in pcap files quicker for forensic analysts.
Detect SQL requests in a pcap and render them in a friendlier output.
## Requirement
* [Tshark](https://www.wireshark.org/docs/man-pages/tshark.html)
### Arch
```bash
sudo pacman -S wireshark-cli
```
# Installation
### Classic
```bash
git clone https://github.com/MikeHorn-git/PsqlHunter.git
cd PsqlHunter/
pip install -r requirements.txt
```
### Nix
```bash
git clone https://github.com/MikeHorn-git/PsqlHunter.git
cd PsqlHunter/
nix develop
```
## Usage
```bash
usage: PsqlHunter.py [-h] [--csv] [--json] [--output OUTPUT] pcap

Hunt sql commands in pcap.

positional arguments:
  pcap             Path to the pcap file or folder containing pcap files

options:
  -h, --help       show this help message and exit
  --csv            Export results to CSV
  --json           Export results to JSON
  --output OUTPUT  Path to the output folder
```