Pcap Blur is a command line tool that anonymizes network traffic.
# Pcap_Blur
### [PT-BR](README_pt.md)
pcap_blur is a command line tool for anonymizing network traffic captured in .pcap or .pcapng files in a simple yet secure way. The main purpose of this tool is to allow anyone to anonymize their own network traffic for research, testing, or educational purposes. The main focus of pcap_blur is on anonymization of Internet traffic under the TCP/IP stack.
## Installation
### Windows
1. Download and install [Python 3.10 or later](https://www.python.org/downloads/windows/) and [pip](https://pypi.org/project/pip/).
2. Download and install the latest version of [Npcap](https://nmap.org/npcap/).

   > It is advised to turn off the WinPcap compatibility mode option during installation.

3. Install pcap_blur using pip:

   ```bash
   pip install pcap_blur
   ```
### Linux
1. Install [Python 3.10 or later](https://www.python.org/downloads/) and [pip](https://pypi.org/project/pip/).
2. Install [libpcap](https://www.tcpdump.org/).

   For Debian-based distributions:

   ```bash
   sudo apt install libpcap-dev
   ```

   For Fedora/Red Hat-based distributions:

   ```bash
   sudo yum install libpcap-devel
   ```

3. Install pcap_blur using pip:

   ```bash
   pip install pcap_blur
   ```
## Usage
The main usage of pcap_blur is to anonymize a .pcap file. To do this, you can use the following command:
```bash
pcap_blur path/to/file.pcap
```

By default, the output file is named file_anonymized.pcap and is saved, together with the log file, in a folder named output. You can change the output folder and filename with the `--outDir` and `--outName` options, respectively.

```bash
pcap_blur path/to/file.pcap --outDir /new_output_folder --outName new_name.pcap
```

You can also use the `--batch` option to anonymize multiple capture files in a folder.

```bash
pcap_blur --batch /path/to/folder
```

With this option, an output folder is created inside the specified folder and the anonymized files are saved in it. Each file's log is saved individually under the output/logs folder. You can change the output folder with the `--outDir` option.

```bash
pcap_blur --batch /path/to/folder --outDir /new_output_folder
```

You can use the `--validate` option to validate the anonymization of a .pcap file. This option compares the original and anonymized files and checks whether any of the original information is found in the anonymized packets.

```bash
pcap_blur --validate path/to/original_file.pcap path/to/anonymized_file.pcap
```
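For an independent cross-check of the kind of comparison `--validate` describes, the sketch below is an added example, not pcap_blur's own code: it reads two classic .pcap byte strings with the standard library only and reports original IPv4 addresses that survive in the anonymized frames, either in headers or as dotted text in payloads. All function names and the sample captures are constructed for illustration; it assumes Ethernet II framing and does not read .pcapng.

```python
import socket
import struct

def read_pcap(data: bytes) -> list[bytes]:
    """Return raw frames from a classic pcap byte string (not pcapng)."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    frames, offset = [], 24                      # global header is 24 bytes
    while offset + 16 <= len(data):              # per-record header is 16 bytes
        incl_len = struct.unpack_from(endian + "I", data, offset + 8)[0]
        frames.append(data[offset + 16:offset + 16 + incl_len])
        offset += 16 + incl_len
    return frames

def ipv4_addresses(frames: list[bytes]) -> set[bytes]:
    """Packed IPv4 source/destination addresses from Ethernet II frames."""
    found = set()
    for f in frames:
        if len(f) >= 34 and f[12:14] == b"\x08\x00":   # EtherType IPv4
            found.update((f[26:30], f[30:34]))
    return found

def leaked_addresses(original: bytes, anonymized: bytes) -> list[str]:
    """Original addresses still present, packed or as dotted text, in the output."""
    anon_frames = read_pcap(anonymized)
    leaks = []
    for packed in ipv4_addresses(read_pcap(original)):
        text = socket.inet_ntoa(packed)
        if any(packed in f or text.encode() in f for f in anon_frames):
            leaks.append(text)
    return sorted(leaks)

# --- constructed sample captures (documentation-range addresses) ---
def make_frame(src: str, dst: str, payload: bytes = b"") -> bytes:
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + payload

def make_pcap(frames: list[bytes]) -> bytes:
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

ORIGINAL = make_pcap([make_frame("192.0.2.10", "198.51.100.7", b"Host: 192.0.2.10\r\n")])
LEAKY = make_pcap([make_frame("10.11.12.13", "172.20.1.2", b"Host: 192.0.2.10\r\n")])
CLEAN = make_pcap([make_frame("10.11.12.13", "172.20.1.2", b"Host: redacted\r\n")])

if __name__ == "__main__":
    print("leaky:", leaked_addresses(ORIGINAL, LEAKY))
    print("clean:", leaked_addresses(ORIGINAL, CLEAN))
```

The byte and substring matching is deliberately conservative, so a reported address can be a coincidental match and should be inspected in the anonymized capture before the file is shared.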
Below is a table with all the command line options available for pcap_blur:
## Anonymization Policy
pcap_blur uses an anonymization policy defined by the original author (me) for a final project at the Federal University of Ceará (UFC), which is based on the following principles:
- Focus on anonymizing Internet traffic under the TCP/IP stack.
- Anonymization that provides a good balance between privacy and usability.
- Anonymization that is simple and easy to understand.
Below is a table of the fields that are anonymized and the anonymization method used:
You can find more information about the anonymization policy and other edge-case scenarios in the final paper (link to be added).
## Building from source
If you wish to use pcap_blur from source instead of using the pre-built binary or if you want to modify the source code before running it, you can follow these steps:
1. Install [Python 3.10 or later](https://www.python.org/downloads/)
2. Clone the repository:

   ```bash
   git clone https://github.com/rafaelsilva81/pcap_blur.git
   ```

3. (Optionally) Initialize a virtual environment with [venv](https://docs.python.org/3/library/venv.html):
4. Install the dependencies:

   ```bash
   pip install -r requirements.txt
   ```

5. Run the tool by executing the main.py script:

   ```bash
   python main.py --version
   ```
## License
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for details.
## Contributing
Contributions are welcome! Please file an issue or submit a pull request. For major changes, please open an issue first to discuss what you would like to change.
## Acknowledgments
- [Scapy](https://scapy.net/) - A powerful and flexible packet manipulation library for Python.
- [YaCryptoPan](https://github.com/yacryptopan/yacryptopan) - A Python library for Crypto-PAn, a cryptographic anonymization algorithm.
- [Netresec Publicly available PCAP files](https://netresec.com/?page=public-pcap-files) - A collection of publicly available PCAP files for testing and research purposes.
Hashes for pcap_blur-0.1.1-py3-none-any.whl

Algorithm | Hash digest
---|---
SHA256 | 95b67e51d2c665fc584cb0483f4b9e6014eef1db2e92a3c9413f7804cd95353d
MD5 | 611741bc006e6503777a29b8dd15181c
BLAKE2b-256 | d19531e2c29ba711ad9728620ac8aeebb6be308368a390de0edb3e0903f73eb2