Category Archives: Forensic Scripts

Great for analyzing PCAP files, host files and other files hackers may have modified on a system

Forensics HTTP Analysis script that uses PCAP and TSHARK to analyse any anomalous HTTP traffic

HTTP Analysis script that uses PCAP and TSHARK to analyse any anomalous HTTP traffic

    #! /usr/bin/perl -w
    # Network Forensics Puzzle Contest #3
    # Alan Tu <alantu@as2.info>
    # January 2, 2010
    # http_analysis.pl v1.01
    # Uses tshark to output the IP addresses, TCP ports, and key HTTP request and response headers…


Network Forensic Tool Python Script to Analyze SYN packets uses PCAP and TSHARK

This script is used for forensic analysis of SYN packets. It requires a pcap file and tshark.

analyse_syn_packets.py

    import numpy, sys
    from subprocess import Popen, PIPE
    """
    Script to calculate how often an IP or TCP field changes in a pcap file for a
    specified destination IP address and port.
    Usage: python analyse_syn_packets.py…
