emrekybs / BlueFish

Automation tool designed to simplify the analysis of PCAP (Packet Capture) files

BlueFish

BlueFish is a Python-based automation tool designed to simplify the analysis of PCAP (Packet Capture) files. It leverages the power of Wireshark's command-line tool, tshark, to extract valuable information from network captures. With BlueFish, you can quickly identify potential login attempts, analyze network traffic patterns, and extract various network artifacts.

Key Features:

  • Extracts potential login attempts and credentials.
  • Analyzes IP and MAC addresses.
  • Retrieves embedded objects from network traffic.
  • Identifies email addresses and HTTP requests.
  • Provides insights into protocols, DNS queries, ICMP packets, SMB operations, FTP sessions, and TLS handshakes.

BlueFish streamlines the process of PCAP analysis, making it easier for security professionals and network analysts to gain insights into network activities.
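How a Python wrapper can drive tshark for one of the artifact types listed above (DNS queries), as an added example that is not BlueFish's own code. The function names and the sample output are constructed for illustration; the tshark options and field names are standard ones.

```python
import subprocess
from collections import Counter

# Columns requested from tshark, in output order (standard tshark field names).
DNS_FIELDS = ["frame.time_epoch", "ip.src", "dns.qry.name"]

def build_tshark_cmd(pcap_path, display_filter, fields):
    """Return an argv list; no shell is involved, so odd file names stay data."""
    cmd = ["tshark", "-n", "-r", pcap_path, "-Y", display_filter,
           "-T", "fields", "-E", "separator=/t", "-E", "occurrence=f"]
    for field in fields:
        cmd += ["-e", field]
    return cmd

def parse_fields(output, fields):
    """Turn tab-separated tshark output into dicts, skipping incomplete rows."""
    rows = []
    for line in output.splitlines():
        cols = line.split("\t")
        if len(cols) != len(fields) or not all(cols):
            continue  # blank line, or a packet lacking a field (e.g. no IPv4 source)
        rows.append(dict(zip(fields, cols)))
    return rows

def dns_query_counts(rows):
    """Count queries per (client address, lower-cased query name) pair."""
    return Counter((r["ip.src"], r["dns.qry.name"].lower()) for r in rows)

def analyze_pcap(pcap_path):
    """Run tshark on a capture (requires tshark on PATH) and summarize DNS queries."""
    cmd = build_tshark_cmd(pcap_path, "dns.flags.response == 0", DNS_FIELDS)
    result = subprocess.run(cmd, capture_output=True, text=True,
                            check=True, timeout=120)
    return dns_query_counts(parse_fields(result.stdout, DNS_FIELDS))

# Constructed sample of tshark output (documentation addresses), not real traffic.
SAMPLE_OUTPUT = (
    "1700000000.100000\t192.0.2.10\texample.com\n"
    "1700000001.200000\t192.0.2.10\tExample.com\n"
    "1700000002.300000\t192.0.2.11\tmail.example.org\n"
    "1700000003.400000\t\tno-source.example\n"
    "\n"
)

if __name__ == "__main__":
    counts = dns_query_counts(parse_fields(SAMPLE_OUTPUT, DNS_FIELDS))
    for (src, name), n in counts.most_common():
        print(f"{src}\t{name}\t{n}")
```
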

π—œπ—‘π—¦π—§π—”π—Ÿπ—Ÿπ—”π—§π—œπ—’π—‘ π—œπ—‘π—¦π—§π—₯π—¨π—–π—§π—œπ—’π—‘π—¦

  $ pip install subprocess.run
  $ pip install os-sys
  $ git clone https://github.com/emrekybs0/BlueFish.git
  $ cd BlueFish
  $ chmod +x BlueFish.py 
  $ python3 BlueFish.py 

About

License: GNU General Public License v3.0
