Giters

zam89 / pcap2url

Extracting URLs from PCAP file

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

pcap2url

Viewing HTTP request & response, extracting URLs from PCAP file

alt tag

About

This script basically shows HTTP request & response, extracting URLs and filename (if any) from PCAP file into more human-friendly and beautiful format. :p

This is just a layman's coding style. Create this just for fun and for learning purpose.

Main Function

  • This analyzer will read the PCAP file and display the result in the terminal.

    • The result will contains:
    • Source IP
    • HTTP Method
    • Requested URL
    • Timestamp
    • Dest IP
    • User-Agent
    • Referer
    • HTTP Response
    • Filename
    • Content_Type

    How to use

    1. Download the Python script
    2. Ensure you have Python3+ installed (currently I'm running Python 3.9.1)
    3. Ensure you have pip installed
    4. Ensure you have Wireshark installed
    5. Install scapy, scapy-http via pip -e.g. pip install scapy scapy-http
    6. Run the script: python pcap2url.py sample.pcap
    7. Profit! :)
  • Any feedback are welcomed. You can contact me via email at m[d0t]khairulazam@gmail[d0t]com.
  • Credit for this blog for the original code. :)

    • About

    Extracting URLs from PCAP file

    License:GNU General Public License v3.0

    Languages

    Language:Python 100.0%