So since I finished my OSCP course I've been spending my time attempting to learn how to code in Python and working on my network forensic skills (which suck currently).
To this end I’ve been reading the book “Violent Python”, which is actually ideal for me; the examples are both practical and the code works (always a bonus but not always a sure thing). Currently I’m working through the chapter on Network Traffic Analysis, which involves lots of work to do with packet captures and Scapy (my two favourite things).
The one issue I’ve come across is the lack of websites where you can download pcap files that contain malware, attacks etc. etc. I know you can download some pcap files from the web or make them yourself, but I’m lazy and would rather have one place to go.
So to that end I’ve created a cunning plan… I’ve decided to build a pcap repository, available for all on the internet. It will be free to use and will eventually allow people to upload pcap files themselves (my web skills suck so might take a while). I have no idea if this idea will work or not but it's my way of giving something back to the community.
I’m currently searching for a hosting provider that will allow me plenty of bandwidth and storage space (just in case this idea takes off). All being well I will have a new domain all sorted before Christmas and then the real work will begin.
Long term some of the features that will be available will be:
Ability to upload pcap files
Ability to download pcap files (wouldn’t be much good otherwise)
Maybe even the ability to view contents of pcap files on-line
This being a community project I would hope that people out there will help, whether it be suggestions, beta testing, donation of pcap files or some web development work (you don’t have to if you don’t want to though).
Well that’s my crazy idea for the year sorted, let me know what you think and I will post updates as I go.
Be sure to check out http://www.pcapr.net/home and http://www.cloudshark.org/, handy to store and analyze pcap files online.
This book, does it cover Python 2 or 3?
Hi, the book covers Python 2.