Skip to main content

Generate PCAPs by simulating HTTP/FTP/SMTP/IMAP. A modified version of PGT tools.

Project description

Pcapgen PCAP Generation Suite

pgtlib


pgtlib is a wrapper built on top of Scapy to provide additional flexibility to create custom TCP client<->server packet captures. This module would also provide functionality to prefix 3-way TCP Handshake and close established connections gracefully.

pgtlib usage

Let's say over TCP/5555, you would like to send "----> hey from client\n" from client and server echoes back with a response message saying, "<---- ack data\n". Let's construct a packet based on this:

from pgtlib import *

fHandle = PCAP('/tmp/tcp.pcap')             # PCAP Output Filename
conn = fHandle.tcp_conn_to_server(5555)     # Assign dest port as TCP/5555
conn.to_server('----> hey from client\n')   # Client message to server
conn.to_client('<---- ack data\n')          # Server message to client
conn.finish()                               # Construct FIN here
fHandle.close()                             # Close file handle
print('[*]Done.')

pft


PCAP Fix Tool (pft, in short) is a wrapper on top of scapy. This utility helps in resolving broken TCP communications, changing endpoint directions and ports etc. This tool takes the C Arrays input of any TCP stream, appends the missing TCP 3-Way handshakes along with adding the necessary FIN TCP flags to terminate the established TCP communication gracefully.

pft usage

  • Open faulty pcap and navigate to the faulty TCP stream index that you want to correct.
  • View data as 'C Arrays' and export the output to any flat file e.g. /tmp/raw
  • $python pft.py -p 1337 -w /tmp/raw
  • This would geneate raw.pcap (currently supports PCAP format only) which would have TCP/1337 as destination port along with the end-to-end PDU data intact.

pgt


PCAP Genation Tool (pgt) is wrapper built on top of scapy again which generates simulated HTTP,FTP and Email (SMTP/IMAP) protocols data along with several encoding types i.e. base64, deflate, gzip etc.

pgt usage

$python pgt.py ~/Desktop/sample.docx # Generates HTTP(GET/POST), FTP(active and passive), SMTP and IMAP PCAPs.

External dependencies

  • scapy [pip install scapy]
  • python-magic [pip install python-magic]

Credits

  • Major credit goes to Andrewg Felinemenace for developing this excellent utility. Those scripts can be found here
  • Mine is just an add-on with some minor fixes on top of it. :)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for pcapgen, version 0.3
Filename, size File type Python version Upload date Hashes
Filename, size pcapgen-0.3-py2-none-any.whl (11.3 kB) File type Wheel Python version py2 Upload date Hashes View hashes
Filename, size pcapgen-0.3.tar.gz (9.9 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page