Scapy/Pcap Reader: Difference between revisions
From charlesreid1
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
Creating a pcap file reader in Scapy. | Creating a pcap file reader in Scapy. | ||
=The Summary= | |||
You will need a pcap file to begin with. (Use [[Tcpdump]] or some other utility.) | |||
Once you've got your pcap file: | |||
* Read in the pcap file | |||
* Loop through each packet to gather some basic aggregate statistics | |||
==Read Pcap File== | |||
Start scapy: | |||
<pre> | <pre> | ||
$ scapy | |||
Welcome to Scapy (2.3.1) | |||
>>> | |||
</pre> | </pre> | ||
To read a pcap file, use the <code>rdpcap()</code> method and pass the absolute path to the pcap file: | |||
<pre> | |||
>>> a=rdpcap("/path/to/capture.pcap") | |||
</pre> | |||
Now you should be able to see the number of packets: | |||
<pre> | |||
>>> len(a) | |||
2055 | |||
</pre> | |||
{{ScapyFlag}} | {{ScapyFlag}} | ||
Revision as of 21:35, 24 January 2016
Creating a pcap file reader in Scapy.
The Summary
You will need a pcap file to begin with. (Use Tcpdump or some other utility.)
Once you've got your pcap file:
- Read in the pcap file
- Loop through each packet to gather some basic aggregate statistics
Read Pcap File
Start scapy:
$ scapy Welcome to Scapy (2.3.1) >>>
To read a pcap file, use the rdpcap() method and pass the absolute path to the pcap file:
>>> a=rdpcap("/path/to/capture.pcap")
Now you should be able to see the number of packets:
>>> len(a) 2055
 |
scapy a Python library for interfacing with network devices and analyzing packets from Python.
Building Wireless Utilities: Scapy/Airodump Clone · Scapy/AP Scanner Analyzing Conversations: Scapy/Conversations Database: Scapy/Wifi Database Category:Scapy · Category:Python · Category:Networking
|