Stack Overflow
Stack Overflow

Questions tagged [pyshark]

PyShark is a Python wrapper allowing packet parsing using Wireshark dissectors. This package allows parsing from a capture file or a live capture, using all installed Wireshark dissectors.

PyShark is a Python wrapper allowing packet parsing using Wireshark dissectors. This package allows parsing from a capture file or a live capture, using all installed Wireshark dissectors.

189 questions
1
vote
1 answer

How to Use Pyshark to Read a .pcapng file's content directly from memory instead of from disk?

I am using the file capture API of pyshark like this. #!/usr/bin/env python3 # encoding:utf-8 import pyshark as ps filename: str = 'some_file.pcapng' with ps.FileCapture(input_file=filename) as capture: print(capture[0].pretty_print()) But…
Della
  • 1,264
  • 2
  • 15
  • 32
1
vote
1 answer

Not able to access attribute which name begins with a digit

I am using Pyshark to parse a PCAP. There are some object which name begin with digit say pkt.diameter.3gpp_reporting_reason. I'm not able to refer to this object, because I get an error "invalid decimal literal". Any ideas how to retrieve the…
Mak Alex
  • 11
  • 2
1
vote
0 answers

How to use the Tshark editcap function with Pyshark (for splitting or filtering files based on time range)

I am analysing existing PCAP files with Pyshark in Python. I want to write a function that splits/filters the PCAP file based on time range. I would like to use the Tshark editcap function to split the captured files. Does anyone know if I can use…
parmagray
  • 11
  • 2
1
vote
2 answers

Python - save packets to pcapng file

My code creates a couple of packets using scapy and should save them to pcapng files. However, I couldn't find any way to save the files as pcapng. I tried using Scapy's PcapWriter and saving the files to sniff.pcapng, but the result is a pcap file…
Adir Bruchim
  • 21
  • 2
1
vote
0 answers

Network sniffer that opens the ips as tabs in browser?

I'm trying to write a code that basically grabs the network traffic sniffed by wireshark and opens the ips in tabs in selenium. At first I tried using whois and socket.gethostbyaddr() as All I needed was to translate the ips to domains. But it…
Alex Montsarj
  • 11
  • 4
1
vote
0 answers

why in the raw data the first byte is in asciii

I've got the followings raw data in bytes…
k1k4ss0
  • 87
  • 10
1
vote
1 answer

Use Two bpf filter in pyshark

Can i Use two bpf filter in pyshark. for e.g, pyshark.LiveCapture(interface = 'wlo2', bpf_filter = 'arp and dhcp') is it possible or is there any way to use 2 filter simultaneously?
roXx
  • 69
  • 9
1
vote
0 answers

waiting for missing fields to store in dictionary using pyshark

The problem in code is if a field isn't received in the packet, then it goes further and count that as 1 and when a missed field is received in the next packet then it updates as count 2 with other fields. So I want if a field is missed then it…
roXx
  • 69
  • 9
1
vote
1 answer

how to add a counter on live packets sniffing

I want that every time a same packet arrives then it update count and print # from collections import Counter capture = pyshark.LiveCapture(interface='wlo2', bpf_filter='arp') capture.sniff(timeout=5) keys = {} e_mac = '00:00:00:00:00:00' or…
roXx
  • 69
  • 9
1
vote
0 answers

Pyshark spawns command-line windows when packaged with cx_freeze. How can I prevent that?

I'm using cx_freeze to package my python application into an EXE file. I've managed to hide the python console window with the option base = 'Win32GUI', but for some reason when I use the pyshark module it spawns two additional command prompts: one…
Capybara
  • 11
  • 2
1
vote
1 answer

Why does PyShark continue a LiveCapture with a timeout?

I mean, I suppose PyShark continues listening. My code is (within a class): def Capture(self, incoming): capture = pyshark.LiveCapture() capture.sniff(timeout=int(incoming)) print('TIMEOUT: ' + str(int(incoming))) print(capture) …
YoNa
  • 19
  • 7
1
vote
1 answer

Print tcp payload from Pcap file with pyshark

I download pcap file from Wiki this PCAP import binascii import pyshark cap = pyshark.FileCapture('200722_tcp_anon.pcapng') for pkt in cap: text = pkt.tcp.payload.raw_payload print(text) cap.close() But I got an error Traceback (most…
MicrosoctCprog
  • 460
  • 1
  • 3
  • 23
1
vote
1 answer

Is there a way to find the HTTP request with relation to a specific HTTP response in a pcap file using pyshark?

I'm using pyshark for parsing .pcapng files. My aim is to find the HTTP requests (packet numbers and http request line) to whom the responses were not 200 OK (or include errors). My approach is to find all the packets that are HTTP responses and…
most.of.a.shark
  • 21
  • 4
1
vote
1 answer

Continuously read pcap file in python that being written continuously

Using Python I want to continuously read the packets one-by-one in the same order they are written into, from a pcap file that is being continuously written by tshark (or a piece of code written in libpcap or pfring) live capture. To test this I…
reddi hari
  • 173
  • 1
  • 12
1
vote
0 answers

How Do I get Packets from Locally hosted website on remote computer using pyshark

I am trying to get packets from a website hosted locally on remote computer(Test purpose) using pyshark. Here is my code: import pyshark def print_live_dns(): capture = pyshark.LiveCapture("wlan0") for packet in capture: #…
Bruno
  • 33
  • 1
  • 5
1 2
3
12 13