├── README.md
├── packet screenshot.jpg
├── python-packet-sniffer.py
└── requirements.txt


/README.md:
--------------------------------------------------------------------------------
# Python-Scapy-Packet-Sniffer
A quick packet sniffer developed using Python v3 with Scapy to capture TCP, UDP and ICMP packets on Linux. This script is tested on the Linux operating system with Python version 3. The script captures all the incoming and outgoing packets from all interfaces of the machine. Once the packets are captured, they are classified into TCP, UDP and ICMP packets based on their header. Under each classification, the packets are categorized into incoming and outgoing packets. Some of the information captured by the packet sniffer is timestamp, source MAC, destination MAC, source IP address, destination IP address.

The dependent modules are the built-in [os](https://docs.python.org/3/library/os.html), [datetime](https://docs.python.org/3/library/datetime.html), [socket](https://docs.python.org/3/library/socket.html), [time](https://docs.python.org/3/library/time.html), and the external [Scapy](https://scapy.net/). Scapy is not pre-installed on Linux, hence it needs to be installed.

# Installing External Modules:
```
sudo apt install scapy
```

# To download and Run Script
```
git clone https://github.com/Roshan-Poudel/Python-Scapy-Packet-Sniffer.git
```
```
cd Python-Scapy-Packet-Sniffer/
```
```
sudo python3 python-packet-sniffer.py
```
![Packet Screenshot](https://github.com/Roshan-Poudel/Python-Scapy-Packet-Sniffer/blob/master/packet%20screenshot.jpg)

--------------------------------------------------------------------------------
/packet screenshot.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Roshan-Poudel/Python-Scapy-Packet-Sniffer/20bf0d45fb16093b3a7e11ffc211edf419d9532e/packet screenshot.jpg

--------------------------------------------------------------------------------
/python-packet-sniffer.py:
--------------------------------------------------------------------------------
#!/usr/bin/env python3

# Import only the names the script uses instead of a wildcard import
from scapy.all import sniff, IP, IPv6, TCP, UDP, ICMP
import socket
import datetime

def get_local_ip():
    # Get the local network IP address of the host.
    # connect() on a UDP socket sends no packet; it only selects the
    # outgoing interface, whose address getsockname() then reports.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.connect(("8.8.8.8", 80))
        return s.getsockname()[0]

# Local IP address of the machine
local_ip = get_local_ip()

def network_monitoring(pkt):
    # Capture the current timestamp
    timestamp = datetime.datetime.now()

    # Check for TCP packets with IP or IPv6 layers
    if pkt.haslayer(TCP):
        if pkt.haslayer(IP):
            ip_layer = IP
        elif pkt.haslayer(IPv6):
            ip_layer = IPv6
        else:
            return

        # Determine if it's an incoming or outgoing TCP packet.
        # NOTE: local_ip is an IPv4 address, so IPv6 packets never match it
        # and are always reported as OUT.
        direction = "IN" if pkt[ip_layer].dst == local_ip else "OUT"
        print(f"[{timestamp}] TCP-{direction}: {len(pkt[TCP])} Bytes "
              f"SRC-MAC: {pkt.src} DST-MAC: {pkt.dst} "
              f"SRC-PORT: {pkt.sport} DST-PORT: {pkt.dport} "
              f"SRC-IP: {pkt[ip_layer].src} DST-IP: {pkt[ip_layer].dst}")

    # Check for UDP packets with IP layer
    elif pkt.haslayer(UDP) and pkt.haslayer(IP):
        # Determine if it's an incoming or outgoing UDP packet
        direction = "IN" if pkt[IP].dst == local_ip else "OUT"
        print(f"[{timestamp}] UDP-{direction}: {len(pkt[UDP])} Bytes "
              f"SRC-MAC: {pkt.src} DST-MAC: {pkt.dst} "
              f"SRC-PORT: {pkt.sport} DST-PORT: {pkt.dport} "
              f"SRC-IP: {pkt[IP].src} DST-IP: {pkt[IP].dst}")

    # Check for ICMP packets with IP layer
    elif pkt.haslayer(ICMP) and pkt.haslayer(IP):
        # Determine if it's an incoming or outgoing ICMP packet
        direction = "IN" if pkt[IP].dst == local_ip else "OUT"
        print(f"[{timestamp}] ICMP-{direction}: {len(pkt[ICMP])} Bytes "
              f"IP-Version: {pkt[IP].version} "
              f"SRC-MAC: {pkt.src} DST-MAC: {pkt.dst} "
              f"SRC-IP: {pkt[IP].src} DST-IP: {pkt[IP].dst}")

if __name__ == '__main__':
    print(f"Starting network monitoring on local IP: {local_ip}")
    # store=False: do not keep every captured packet in memory,
    # otherwise a long-running capture grows without bound
    sniff(prn=network_monitoring, store=False)

--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
# Python version 3
# os, socket, datetime and time are part of the Python standard library and
# must not be listed as pip requirements (pip would look the names up on PyPI)
scapy==2.4.4

--------------------------------------------------------------------------------
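
The classification the README describes (protocol from the header, direction from the destination address), carried out on raw Ethernet bytes with only the standard library instead of Scapy. This is an added example, not part of the repository; `classify_frame`, `build_frame`, `LOCAL` and the documentation-range addresses are constructed for illustration. It goes beyond the script by comparing against a set of local addresses, so IPv6 traffic can be labelled IN, and by rejecting truncated frames.

```python
import ipaddress
import struct

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IANA protocol numbers

def classify_frame(frame: bytes, local_addrs):
    """Return (proto, direction, src, dst, sport, dport), or None if unparseable."""
    if len(frame) < 14:                          # shorter than an Ethernet header
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    ip = frame[14:]
    if ethertype == 0x0800 and len(ip) >= 20:    # IPv4
        ihl = (ip[0] & 0x0F) * 4                 # header length, options included
        if ihl < 20 or len(ip) < ihl:
            return None
        proto, src, dst, l4 = ip[9], ip[12:16], ip[16:20], ip[ihl:]
    elif ethertype == 0x86DD and len(ip) >= 40:  # IPv6; extension headers not walked
        proto, src, dst, l4 = ip[6], ip[8:24], ip[24:40], ip[40:]
    else:
        return None
    name = PROTO_NAMES.get(proto)
    if name is None:
        return None
    sport = dport = None
    if name != "ICMP":
        if len(l4) < 4:                          # ports missing: truncated capture
            return None
        sport, dport = struct.unpack("!HH", l4[:4])
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    direction = "IN" if dst in local_addrs else "OUT"
    return name, direction, str(src), str(dst), sport, dport

def build_frame(src, dst, proto, l4=b""):
    """Build a constructed Ethernet frame (zeroed MACs and checksums) as sample input."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if s.version == 4:
        hdr = (bytes([0x45, 0]) + struct.pack("!H", 20 + len(l4)) + bytes(4)
               + bytes([64, proto, 0, 0]) + s.packed + d.packed)
        return bytes(12) + struct.pack("!H", 0x0800) + hdr + l4
    hdr = (bytes([0x60, 0, 0, 0]) + struct.pack("!H", len(l4))
           + bytes([proto, 64]) + s.packed + d.packed)
    return bytes(12) + struct.pack("!H", 0x86DD) + hdr + l4

# Constructed local addresses from the documentation ranges (assumption)
LOCAL = {ipaddress.ip_address(a) for a in ("192.0.2.10", "2001:db8::10")}

if __name__ == "__main__":
    ports = struct.pack("!HH", 443, 51000)       # constructed: sport 443, dport 51000
    print(classify_frame(build_frame("2001:db8::7", "2001:db8::10", 6, ports), LOCAL))
```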