Read pcap and assemble HTTP requests

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for gaainf from gravatar.com gaainf

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: BSD License (BSD-3-Clause)

Author: Alexander Grechin

Tags traffic, pcap, utilities, tcpdump, tshark, wireshark

Classifiers

Project description

https://travis-ci.org/travis-ci/travis-web.svg?branch=master https://codecov.io/gh/gaainf/pcaper/branch/master/graph/badge.svg

Pcaper provides class to read pcap file, assemble and iterate HTTP requests. The package based on dpkt.

Installation

pip install pcaper

Import

import pcaper
reader = pcaper.HTTPRequest()

or

from pcaper import HTTPRequest
reader = HTTPRequest()

Examples

Iterate HTTP requests

Read pcap file, assemble and iterate HTTP requests

reader = pcaper.HTTPRequest()
params = {
    'input': 'file.pcap',
}
for request in reader.read_pcap(params):
    print request['origin']

Extract http headers

You can extract header by name

reader = pcaper.HTTPRequest()
params = {
    'input': 'file.pcap',
}
for request in reader.read_pcap(params):
    print request['headers']['host']
    print request['headers']['content-length']

Filter packets

It is possible to filter out excess packets

reader = pcaper.HTTPRequest()
params = {
    'input': 'file.pcap',
    'filter': 'tcp.dst == 1.1.1.1'
}
for request in reader.read_pcap(params):
    print request['origin']

You can combine tcp and ip filters in dpkt style

params1 = {
    'input': 'file.pcap',
    'filter': 'tcp.dport == 80 and ip.src == 1.1.1.1'
}

params2 = {
    'input': 'file.pcap',
    'filter': 'tcp.sport == 8888 or ip.dst == 2.2.2.2'
}

Notes

New pcapng format is not supported by dpkt package, but you can convert input file from pcapng to pcap format with standard utility, which is installed with wireshark package.

mergecap file.pcapng -w out.pcap -F pcap

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for gaainf from gravatar.com gaainf

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: BSD License (BSD-3-Clause)

Author: Alexander Grechin

Tags traffic, pcap, utilities, tcpdump, tshark, wireshark

Classifiers

Release history Release notifications | RSS feed

1.0.11

1.0.8

1.0.7

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

1.0.1

This version

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pcaper-1.0.0.tar.gz (4.6 kB view hashes)

Uploaded Source

Built Distribution

pcaper-1.0.0-py2.py3-none-any.whl (4.7 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page