1. Advisor
  2. pyshark
  3. functions
  4. pyshark.packet.fields.LayerField
View all pyshark analysis

How to use the pyshark.packet.fields.LayerField function in pyshark

To help you get started, we’ve selected a few pyshark examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github KimiNewt / pyshark / src / pyshark / packet / layer.py View on Github external
def __init__(self, xml_obj=None, raw_mode=False):
        self.raw_mode = raw_mode

        self._layer_name = xml_obj.attrib['name']
        self._all_fields = {}

        # We copy over all the fields from the XML object
        # Note: we don't read lazily from the XML because the lxml objects are very memory-inefficient
        # so we'd rather not save them.
        for field in xml_obj.findall('.//field'):
            attributes = dict(field.attrib)
            field_obj = LayerField(**attributes)
            if attributes['name'] in self._all_fields:
                # Field name already exists, add this field to the container.
                self._all_fields[attributes['name']].add_field(field_obj)
            else:
                self._all_fields[attributes['name']] = LayerFieldsContainer(field_obj)
github offensive-hub / black-widow / app / managers / sniffer / pcap_sniffer.py View on Github external
'ip_host': None,
            'port': None
        }
        destination = {
            'mac': None,
            'mac_manufacturer': None,
            'mac_lookup': None,
            'ip': None,
            'ip_host': None,
            'port': None
        }
        protocol = None

        field_insert = set()
        for field in layer._get_all_fields_with_alternates():
            field: LayerField
            if field.name in PcapLayerField.AMBIGUOUS_FIELD_NAMES:
                continue
            field_unique_key = str(field.pos) + '_' + str(field.name)
            if field_unique_key in field_insert:
                continue
            pcap_layer_field: PcapLayerField = local_get_field_tree(field)
            if pcap_layer_field is None:
                continue

            if pcap_layer_field.sanitized_name in PcapLayerField.PROTO_FIELDS:
                protocol = pcap_layer_field.value
            else:
                host = None
                if pcap_layer_field.sanitized_name in PcapLayerField.SRC_FIELDS:
                    host = source
                elif pcap_layer_field.sanitized_name in PcapLayerField.DST_FIELDS:

pyshark

Python wrapper for tshark, allowing python packet parsing using wireshark dissectors

GitHub
MIT
Latest version published 2 years ago

Package Health Score

62 / 100
Full package analysis

Popular pyshark functions

Similar packages