https://github.com/zvdy/pynternet-sniffer
Last synced: about 1 year ago
- Host: GitHub
- URL: https://github.com/zvdy/pynternet-sniffer
- Owner: zvdy
- License: mit
- Created: 2024-09-09T21:26:45.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-09-15T13:21:32.000Z (almost 2 years ago)
- Last Synced: 2024-09-16T10:58:16.164Z (almost 2 years ago)
- Language: Python
- Size: 49.8 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Pynternet Sniffer
Pynternet Sniffer is a Python script that monitors network activity, logs it, and retrieves IP, MAC, and creator information using the ARP protocol.
## Features
- Monitors network connections and logs established connections.
- Retrieves IP and MAC addresses using ARP requests for IPv4 and ICMPv6 for IPv6.
- Logs network activity to a timestamped log file.
- Optionally logs network activity to the terminal.
- Gracefully exits on pressing 'q' or 'Esc'.
- Validates IP addresses before processing.
- Logs only the first request of each MAC address if specified.
- Scans the local network for devices within a specified IP range.
- Adds MAC manufacturer information to log entries.
## Requirements
- Python 3.x
- `psutil` library
- `scapy` library
## Installation
1. **Clone the repository**:
```sh
git clone https://github.com/zvdy/pynternet-sniffer.git
cd pynternet-sniffer
```
2. **Create a virtual environment** (optional but recommended):
```sh
python -m venv venv
source venv/bin/activate
```
3. **Install the required libraries**:
```sh
pip install -r requirements.txt
```
## Usage
1. **Run the script with elevated privileges**:
```sh
sudo ./venv/bin/python main.py
# or
sudo python main.py
```
2. **Generate network activity** (e.g., using `ping`):
```sh
ping -c 4 google.com
```
3. **Check the log file**:
The network activity will be logged in a file named `network_activity_.log`.
4. **Exit the script**:
Press 'q' or 'Esc' to gracefully exit the script.
### Additional Options
- **Log activity to the terminal**:
```sh
sudo python3 main.py -t
```
- **Log only the first request of each MAC address**:
```sh
sudo python3 main.py -m
```
- **Specify IP range to scan for devices**:
```sh
sudo python3 main.py -r 192.168.1.1/24
```
- **Combine options**:
```sh
sudo python3 main.py -t -m -r 192.168.1.1/24
```
## Example
```sh
sudo python3 main.py -t
```
In another terminal:
```sh
ping -c 4 google.com
```
Check the `network_activity.log` file for logged network activity.
## Additional Scripts
### `who.sh`
The `who.sh` script processes a list of IP addresses from an input file and retrieves information about each IP using the `whois` command. The results are saved to an output file.
#### Usage
1. **Ensure the input file `dump/remote_ip.txt` exists**:
This file should contain a list of IP addresses, one per line.
2. **Run the script**:
```sh
./scripts/who.sh
```
3. **Check the output file**:
The information for each IP will be saved in `dump/remote-info.txt`.
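The same workflow in Python, added here as an example and not the repository's own script: each line of `dump/remote_ip.txt` is validated as an IP literal, non-routable and duplicate addresses are skipped, and the address is handed to `whois` as an argument vector with no shell involved. The function names and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import subprocess

# Constructed sample of what a log-derived remote_ip.txt could contain.
SAMPLE_LINES = [
    "8.8.8.8\n", "192.168.1.10\n", "8.8.8.8\n", "example.com\n", "-h\n",
    "8.8.8.8; echo x\n", "2606:4700:4700:0:0:0:0:1111\n",
    "2606:4700:4700::1111\n", "fe80::1\n", "\n",
]

def load_targets(lines):
    """Return unique, globally routable IPs in first-seen order."""
    seen, targets = set(), []
    for raw in lines:
        text = raw.strip()
        try:
            ip = ipaddress.ip_address(text)
        except ValueError:
            continue  # hostnames, option-like strings, trailing junk, blanks
        if not ip.is_global:
            continue  # private, loopback and link-local ranges have no useful whois record
        if ip not in seen:  # comparing parsed objects also merges IPv6 spellings
            seen.add(ip)
            targets.append(str(ip))
    return targets

def whois_lookup(ip, timeout=15):
    """Query the system whois client for one already-validated address."""
    try:
        done = subprocess.run(["whois", ip], capture_output=True, text=True,
                              timeout=timeout, check=False)
    except (FileNotFoundError, subprocess.TimeoutExpired) as exc:
        return f"lookup failed: {exc}\n"
    return done.stdout

def run(in_path="dump/remote_ip.txt", out_path="dump/remote-info.txt"):
    """Read the input list, look up each target, write one section per IP."""
    with open(in_path) as fh:
        targets = load_targets(fh)
    with open(out_path, "w") as out:
        for ip in targets:
            out.write(f"===== {ip} =====\n{whois_lookup(ip)}\n")
    return targets

if __name__ == "__main__":
    print(load_targets(SAMPLE_LINES))  # offline demo on the constructed sample
```

Call `run()` from the repository root to process the real input file; it needs the `whois` client installed and network access.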
### `filter.sh`
The `filter.sh` script lists available network activity log files, prompts the user to select one, and then extracts unique local IP/MAC addresses and remote IP addresses from the selected log file. The results are saved in separate files.
#### Usage
1. **Run the script**:
```sh
./scripts/filter.sh
```
2. **Follow the prompts**:
Select the log file you want to process from the list.
3. **Check the output files**:
- `dump/local_ip_mac.txt` will contain unique local IP and MAC addresses.
- `dump/remote_ip.txt` will contain unique remote IP addresses.
## License
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.