I am quite new to sniffing/hacking and am trying to write a nice script for parsing/sorting packets. I would like to store and sort the TCP flags (retransmission, double ACK, lost segment...) for each packet. I would also like to see the signal strength of the AP and the payload for each packet.
The code will be used to sniff packets between a specific client and a server with static addresses and a specified port. I am using a Raspberry Pi with Kali Linux, and the sniffing session must be done in monitor mode.
When completed, the script should be able to store packets that have been lost between the client and server.
I have messed around with aircrack-ng (airodump...), Wireshark, scapy, sockets and wifite to evaluate the behavior of transmitted packets, but nothing gave the output I preferred.
Is there a way to dissect each packet into variables that are easy to use in a script? Is there a way to evaluate TCP flags, and to count them?
I have tried to do a sniffing session with multiple approaches, store it in a pcap file and later analyze the session in Wireshark.
A preferred output is in columns:
Packet number | source.ip -> destination.ip | signal strength | payload
And after each session there should be a summary of the TCP packets: retransmitted, lost segment, double ACK. Like:
packages count: Retransmitted: X | lost_segment: X | double ack:
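
An added example, not part of the original post: a per-direction sequence tracker that labels retransmissions, lost segments and repeated ACKs, and prints the column layout and summary asked for above. It assumes each frame has already been dissected into the hypothetical `Seg` record (signal strength taken from the capture's radiotap header), and its heuristics are simplified: no sequence-number wraparound, SYN/FIN not handled.

```python
from collections import Counter, namedtuple

# Hypothetical record of fields already dissected from one captured frame.
# rssi is the dBm signal value from the capture's radiotap header.
Seg = namedtuple("Seg", "num src dst seq ack payload rssi")

def analyse(segments):
    """Label each segment and count retransmissions, lost segments, double ACKs.

    Simplified heuristics: no sequence-number wraparound, SYN/FIN ignored.
    """
    next_seq = {}   # (src, dst) -> next expected sequence number in that direction
    last_ack = {}   # (src, dst) -> ack number of the previous payload-less segment
    counts = Counter(retransmitted=0, lost_segment=0, double_ack=0)
    rows = []
    for s in segments:
        flow, size, label = (s.src, s.dst), len(s.payload), ""
        expected = next_seq.get(flow)
        if size:
            if expected is not None and s.seq + size <= expected:
                label = "retransmitted"      # data already seen from this sender
            elif expected is not None and s.seq > expected:
                label = "lost_segment"       # gap: an earlier segment was not captured
            next_seq[flow] = max(expected or 0, s.seq + size)
            last_ack.pop(flow, None)         # data sent, so restart ACK comparison
        else:
            if last_ack.get(flow) == s.ack:
                label = "double_ack"         # same ACK number repeated without data
            last_ack[flow] = s.ack
        if label:
            counts[label] += 1
        rows.append(f"{s.num} | {s.src} -> {s.dst} | {s.rssi} dBm | {s.payload!r} | {label}")
    return rows, counts

# Constructed sample session (addresses and values are made up).
C, S = "10.0.0.2", "10.0.0.1"
SAMPLE = [
    Seg(1, C, S, 1000, 500, b"hello", -48),
    Seg(2, S, C, 500, 1005, b"", -51),
    Seg(3, C, S, 1005, 500, b"abc", -47),
    Seg(4, C, S, 1005, 500, b"abc", -47),   # same bytes again
    Seg(5, C, S, 1020, 500, b"xyz", -49),   # 1008..1019 never seen
    Seg(6, S, C, 500, 1008, b"", -52),
    Seg(7, S, C, 500, 1008, b"", -52),      # repeated ACK
    Seg(8, S, C, 500, 1008, b"", -53),      # repeated ACK
]

if __name__ == "__main__":
    rows, counts = analyse(SAMPLE)
    print("\n".join(rows))
    print(" | ".join(f"{k}: {v}" for k, v in counts.items()))
```

A `lost_segment` label only means the sniffer did not see the bytes; a monitor-mode capture can miss frames that the receiver did get.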