How to use the pyshark.LiveCapture function in pyshark

To help you get started, we’ve selected a few pyshark examples, based on popular ways it is used in public projects.


github michoo / pci / pci.py View on Github external
parser.add_argument("-i", "--interface", help="chose interface", action="store", dest='interface')
    parser.add_argument("-r", "--ring", help="activate ring buffer", action="store_true",
                        default=False)

    args = parser.parse_args()

    # live ring capture
    # NOTE(review): --ring does not imply --interface. With -r and no -i, args.interface is
    # None (no default is set above), so the concatenation in logger.info raises TypeError
    # before the capture is created.
    if args.ring:
        logger.info("Starting Live Ring Capture on " + args.interface)
        # The ring capture is written to disk: up to 50 files under ./db/pcap/, a path that is
        # relative to the current working directory. NOTE(review): ring_file_size is presumably
        # in kB (pyshark's documented unit) - confirm. The files hold captured traffic, so
        # check who can read that directory.
        cap = pyshark.LiveRingCapture(interface=args.interface, only_summaries=True, ring_file_size=4096,
                                      num_ring_files=50, ring_file_name='./db/pcap/pci.pcapng')
        packet_analysis_live(cap)
    # live capture
    elif args.interface:
        logger.info("Starting Live Capture on " + args.interface)
        cap = pyshark.LiveCapture(interface=args.interface, only_summaries=True)
        packet_analysis_live(cap)

    # pcap
    # args.filepath comes from an option that is defined outside this excerpt.
    elif args.filepath:
        logger.info("Starting pcap analysis on " + args.filepath)
        cap = pyshark.FileCapture(input_file=args.filepath, only_summaries=True)
        packet_analysis(cap)

    else:
        parser.print_help()
    # Runs after whichever branch was taken: the process always ends here.
    sys.exit()
github alagoa / youtube-or-pornhub / service / utils / thread_pcap.py View on Github external
global ssnets
	ssnets=IPSet(snets)
		
	if args.udpport is not None:
		cfilter='udp portrange '+args.udpport
	elif args.tcpport is not None:
		cfilter='tcp portrange '+args.tcpport
	else:
		cfilter='ip'
	
	cint=args.interface
	global start
	start = utils.current_time()
	print('Filter: %s on %s'%(cfilter,cint))
	try:
		capture = pyshark.LiveCapture(interface=cint,bpf_filter=cfilter)
		capture.apply_on_packets(pkt_callback)
		print(inter_interval_down)
		print(inter_interval_up)
	except KeyboardInterrupt:
		sys.exit(0)
github xdavidhu / packetGraph / packetGraph.py View on Github external
def ifaceSniffer():
    """Run a live capture on ``monitor_iface``, passing each packet to ``ifaceCounter``.

    Reads the module globals ``stoppingIface`` and ``monitor_iface``. Sets
    ``sniffStarted`` once the capture object has been created and
    ``sniffError`` if anything is raised while capturing. Calls
    ``sys.exit()`` when a stop was already requested or when the capture
    fails; if the capture ends without an exception the function returns.
    """
    global sniffError
    global stoppingIface
    global monitor_iface
    global sniffStarted

    # A stop was requested before we started: leave without opening a capture.
    if stoppingIface:
        sys.exit()

    try:
        live = pyshark.LiveCapture(interface=monitor_iface)
        sniffStarted = True
        live.apply_on_packets(ifaceCounter)
    except BaseException:
        # Catches everything, KeyboardInterrupt and SystemExit included. The
        # only trace left is the sniffError flag; the exception itself is
        # discarded.
        # NOTE(review): consider recording the exception so the cause of a
        # failed capture can be diagnosed.
        sniffError = True
        sys.exit()
github pbmartins / nypto / filtering.py View on Github external
sys.exit()

    CLIENT_NETS_SET = IPSet(client_networks)

    net_interface = args.interface
    print('TCP filter active on {} applied to the following '
            'networks: {}'.format(net_interface, CLIENT_NETS_SET))

    MINING_THRESHOLD = args.miningthreshold if args.miningthreshold is not None \
        else MINING_THRESHOLD

    TRAFFIC_STATS = \
        np.zeros((SRC_IP_ALLOCATE, TCP_PORT_ALLOCATE, WINDOW_DELTA, N_FEATURES))

    try:
        capture = pyshark.LiveCapture(interface=net_interface, bpf_filter='tcp')
        capture.apply_on_packets(pkt_callback)
    except KeyboardInterrupt:
        print('\n{} packets captured! Done!\n'.format(N_PACKETS))
        exit()
github alagoa / youtube-or-pornhub / service / app / pcap.py View on Github external
sys.exit()
		
	global ssnets
	ssnets=IPSet(snets)
		
	if args.udpport is not None:
		cfilter='udp portrange '+args.udpport
	elif args.tcpport is not None:
		cfilter='tcp portrange '+args.tcpport
	else:
		cfilter='ip'
	
	cint=args.interface
	print('Filter: %s on %s'%(cfilter,cint))
	try:
		capture = pyshark.LiveCapture(interface=cint,bpf_filter=cfilter)
		capture.apply_on_packets(pkt_callback)
		print(inter_interval_down)
		print(inter_interval_up)
	except KeyboardInterrupt:
		global npkts
		global npkts_up
		global npkts_down
		global len_up
		global len_down
		global t0
		keys = []
		values = []
		
		file_ = open('stats', 'w')
		#file_.write('npkts:'+str(npkts)+'\n')
		#file_.write('npkts_down:'+ str(npkts_down)+'\n') 
github 0x4D31 / fatt / fatt.py View on Github external
try:
                for packet in cap:
                    pp.process(packet)
                cap.close()
                cap.eventloop.stop()
            except Exception as e:
                print('Error: {}'.format(e))
                pass

    # Capture live network traffic
    elif args.interface:
        if args.write_pcap:
            DISPLAY_FILTER = None
        # TODO: Use a Ring Buffer (LiveRingCapture), when the issue is fixed:
        # https://github.com/KimiNewt/pyshark/issues/299
        cap = pyshark.LiveCapture(
            interface=args.interface,
            decode_as=args.decode_as,
            display_filter=DISPLAY_FILTER,
            bpf_filter=args.bpf_filter,
            output_file=args.write_pcap)
        try:
            cap.apply_on_packets(pp.process)
        except (KeyboardInterrupt, SystemExit):
            print("Exiting..\nBYE o/\n")
github PacketTotal / HoneyBot / snappycap / lib / utils.py View on Github external
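def listen_on_interface(interface, timeout=60):
    """
    Yield packets captured live on ``interface`` until ``timeout`` has elapsed.

    The clock starts when the generator is first advanced, not when this
    function is called. The deadline is only checked when a packet arrives:
    on a silent interface the generator blocks past ``timeout``, and the
    packet that reveals the expired deadline is dropped rather than yielded.

    :param interface: The name of the interface on which to capture traffic
    :param timeout: Seconds after which iteration stops; a falsy value
        (``0`` or ``None``) disables the limit
    :return: generator containing live packets
    """

    # Monotonic clock: a wall-clock step (NTP correction, manual change) must
    # not shorten or extend the capture window.
    started = time.monotonic()
    capture = pyshark.LiveCapture(interface=interface)

    # NOTE(review): the capture is never closed explicitly here; confirm that
    # the capture process is stopped when the caller abandons this generator.
    for item in capture.sniff_continuously():
        if timeout and time.monotonic() - started > timeout:
            break
        yield item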
github terbo / sigmon / sigmon.py View on Github external
def sniffprobes(iface):
  wireless_filter = '''
(wlan.fc.type_subtype == 4)
'''
#(wlan.fc.type == 2)
#(wlan.fc.type_subtype == 0 or wlan.fc.type_subtype == 1)

  #mac_re = re.compile('[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]',re.IGNORECASE)

  while conf.running:
    try:
      capture = pyshark.LiveCapture(interface=iface,display_filter=wireless_filter)
      debug(0,'Starting capture on interface %s' % iface)

      for packet in capture.sniff_continuously():
        try:
          signal = packet['radiotap'].dbm_antsignal
          bssid = packet['wlan'].da
          pktmac = packet['wlan'].ta
          ssid = packet['wlan_mgt'].ssid
        except:
          continue

        if ssid == 'SSID: ' or ssid == '' or ssid == ' ':
          ssid = '[ANY]'

        lastseen = time.time()
github KTH / royal-chaos / chaosorca / netm / main.py View on Github external
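def main():
    """Serve metrics on port 12301 and pass captured HTTP packets to ``process_http``.

    Captures on ``eth0``. The capture filter is built from the ``NETM_IP``
    environment variable; a missing variable raises ``KeyError`` before the
    capture is created.
    """
    # Start prometheus exporter.
    # NOTE(review): no bind address is passed. If this is prometheus_client's
    # start_http_server it listens on every interface without authentication;
    # confirm that port 12301 is reachable only by the scraper.
    start_http_server(12301)

    # Setup of pyshark.
    # The BPF filter keeps traffic to or from NETM_IP and excludes port 12301,
    # presumably so that scrapes of the exporter above are not captured.
    # NOTE(review): NETM_IP is inserted into the filter as-is; a malformed
    # value only surfaces once the capture starts.
    capture_filter = 'host ' + os.environ['NETM_IP'] + ' and not port 12301'
    capture = pyshark.LiveCapture(
        interface='eth0',
        display_filter='http',
        bpf_filter=capture_filter,
    )
    # Turns on pyshark's debug output.
    # NOTE(review): confirm this is wanted outside development.
    capture.set_debug()

    for packet in capture.sniff_continuously():
        if 'http' in packet:
            process_http(packet.http)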