https://github.com/priyabug/network-traffic-analysis-and-manipulation
Network Traffic analysis is a crucial aspect of network security and network management, enabling the monitoring, inspection, and interpretation of data packets flowing across a network.
- Host: GitHub
- URL: https://github.com/priyabug/network-traffic-analysis-and-manipulation
- Owner: Priyabug
- Created: 2024-08-15T05:34:53.000Z (10 months ago)
- Default Branch: main
- Last Pushed: 2025-03-10T03:11:47.000Z (3 months ago)
- Last Synced: 2025-03-10T04:24:34.752Z (3 months ago)
- Topics: capture-icmp, capture-icmp-packet, raw-sockets, scapy, sniffing, spoofing, spoofing-attack, traceroute
- Language: Python
- Size: 4.34 MB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Network Traffic Analysis and Manipulation
## Description
Two key ideas in network security are **packet sniffing** and **spoofing**, which pose serious risks to network communication. Understanding these threats is essential to comprehending **network security protocols**.

Various tools exist for packet sniffing and spoofing, including:
- **Wireshark**
- **Tcpdump**
- **Netwox**
- **Scapy**

Both **attackers** and **security specialists** frequently utilize these techniques. While knowing how to use these tools is vital, understanding their inner workings (how software implements packet sniffing and spoofing) is even more crucial.

---
## Languages and Utilities Used
- **Python**
- **Ubuntu 20.04 VM**

## Environments Used
- **Windows 11 Home (21H2)**

---
## Lab Topics Covered
- Basics of **packet sniffing** and **spoofing**
- Using the **pcap** library and **Scapy** for packet sniffing
- Using **raw sockets** and **Scapy** for packet spoofing
- Manipulating packets using **Scapy**

---
## Shell Script Commands
| Command | Description |
|---------|------------|
| `./dc-build.sh` | Builds the Docker images. Can take an additional parameter, e.g., `./dc-build.sh --no-cache` |
| `./dc-up.sh` | Starts the Docker containers in the foreground |
| `./dc-up-d.sh` | Starts the Docker containers in the background |
| `./dc-stop.sh` | Stops the Docker containers, with optional parameters |
| `./dc-down.sh` | Stops and removes the Docker containers, with optional parameters |
| `./dc-unittest.sh` | Utility script to aid in running a specific unit test class |

---
## Program Walk-through
### **Using Scapy for Sniffing and Spoofing**
- Sniffing packets with **Scapy**, including setting filters to capture specific types of packets (e.g., **ICMP** or **TCP**)
- Spoofing **ICMP** packets with arbitrary source IP addresses using **Scapy**
- Implementing a **traceroute-like tool** using **Scapy** by manipulating the **TTL (Time-To-Live)** field in IP packets
- Combining **sniffing and spoofing** techniques to create a program that **automatically sends spoofed ICMP replies**

### **Writing C Programs for Sniffing and Spoofing**
- Writing **C programs** to manually implement packet sniffing and spoofing, helping to understand the **low-level implementation details** of these techniques

---
**This project provides hands-on experience with core networking security concepts, leveraging both Python and C for deep technical insights into packet analysis and manipulation.**