BlueFish is a Python-based automation tool designed to simplify the analysis of PCAP (Packet Capture) files. It leverages the power of Wireshark's command-line tool, tshark, to extract valuable information from network captures. With BlueFish, you can quickly identify potential login attempts, analyze network traffic patterns, and extract various network artifacts.
- Extracts potential login attempts and credentials.
- Analyzes IP and MAC addresses.
- Retrieves embedded objects from network traffic.
- Identifies email addresses and HTTP requests.
- Provides insights into protocols, DNS queries, ICMP packets, SMB operations, FTP sessions, and TLS handshakes.
BlueFish streamlines the process of PCAP analysis, making it easier for security professionals and network analysts to gain insights into network activities.
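The tshark-wrapping pattern described above, sketched as an added example (not BlueFish's own code). It uses only Python's standard library; the function names, the DNS display filter and the sample output are assumptions constructed for illustration, and the fields BlueFish itself requests are not shown on this page.

```python
import subprocess
from collections import Counter

# Real tshark field names, chosen for this example.
DNS_FIELDS = ["ip.src", "dns.qry.name"]

def tshark_argv(pcap_path, display_filter, fields):
    """Build an argv list (no shell), so a hostile file name cannot inject commands."""
    argv = ["tshark", "-r", pcap_path, "-Y", display_filter,
            "-T", "fields", "-E", "separator=/t"]
    for field in fields:
        argv += ["-e", field]
    return argv

def run_tshark(argv, timeout=120):
    """Run tshark and return stdout; raises if tshark is missing or exits non-zero."""
    done = subprocess.run(argv, capture_output=True, text=True,
                          check=True, timeout=timeout)
    return done.stdout

def parse_fields(output, fields):
    """Turn tab-separated tshark output into dicts, skipping short or empty rows."""
    rows = []
    for line in output.splitlines():
        cols = line.split("\t")
        if len(cols) != len(fields) or not all(cols):
            continue
        rows.append(dict(zip(fields, cols)))
    return rows

def queries_per_source(rows):
    """Count distinct DNS names requested by each source IP."""
    seen = {(r["ip.src"], r["dns.qry.name"].lower().rstrip(".")) for r in rows}
    return Counter(src for src, _ in seen)

# Constructed sample of tshark output (not taken from a real capture).
SAMPLE_OUTPUT = (
    "10.0.0.5\texample.com\n"
    "10.0.0.5\tEXAMPLE.com\n"
    "10.0.0.5\tmail.example.org\n"
    "\tbroken.example\n"
    "10.0.0.9\texample.net\n"
)

if __name__ == "__main__":
    print(tshark_argv("capture.pcap", "dns.flags.response == 0", DNS_FIELDS))
    print(queries_per_source(parse_fields(SAMPLE_OUTPUT, DNS_FIELDS)))
```

To run it against a real capture, pass the list from tshark_argv to run_tshark and feed the returned text to parse_fields.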
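The subprocess and os modules are part of the Python standard library and need no installation; the two pip commands below install separately published PyPI packages with similar names, not those modules.
$ pip install subprocess.run
$ pip install os-sys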
$ git clone https://github.com/emrekybs0/BlueFish.git
$ cd BlueFish
$ chmod +x BlueFish.py
$ python3 BlueFish.py