{
    "info": {
        "author": "Tek",
        "author_email": "tek@randhome.io",
        "bugtrack_url": null,
        "classifiers": [
            "License :: OSI Approved :: MIT License",
            "Operating System :: OS Independent",
            "Programming Language :: Python :: 3"
        ],
        "description": "# pcap-ioc\n\nPython tool to extract potential IOCs from a pcap file using [pyshark](https://kiminewt.github.io/pyshark/)\n\nList of IOCs extracted :\n\n* IP addresses from IP packets\n* Domains and IP addresses from DNS requests\n* Domains, url and user-agents from HTTP requests\n* Domains from HTTPs X509 certificates\n\nTo install it, you can just do `pip install pcap_ioc` or install it from this repository with `pip install .`.\n\n## Usage\n\n### As a library\n\n```python\nfrom pcap_ioc import Pcap\n\np = Pcap('FILE.pcap')\nfor i in p.indicators:\n    print(i)\n```\n\n### CLI tool\n\n```\n$ pcap_ioc\nusage: pcap_ioc [-h] {ioc,misp,shell} ...\n\nProcess some pcaps.\n\npositional arguments:\n  {ioc,misp,shell}  Subcommand\n    ioc             Extract IOCs\n    misp            Extract IOCs and search in MISP\n    shell           Open a shell with pyshark\n\noptional arguments:\n  -h, --help        show this help message and exit\n```\n\nTo query MISP servers, you need to create a file `~/.misp` with one entry for every MISP server for instance :\n```\n[server1]\nurl: https://misp1.example.org/\nkey: KEYHERE\ndefault: true\n\n[server2]\nurl: https://misp2.example.org/\nkey: KEYHERE\n```\n\nThen you can query one of these server with `pcap_ioc misp -s misp2 file.pcap`\n\n## License\n\nThis software is released under the MIT license.\n\n\n",
        "description_content_type": "text/markdown",
        "docs_url": null,
        "download_url": "",
        "downloads": {
            "last_day": -1,
            "last_month": -1,
            "last_week": -1
        },
        "home_page": "https://github.com/Nothing2Hide/pcapanalysis",
        "keywords": "threat-intel",
        "license": "MIT",
        "maintainer": "",
        "maintainer_email": "",
        "name": "pcap-ioc",
        "package_url": "https://pypi.org/project/pcap-ioc/",
        "platform": "",
        "project_url": "https://pypi.org/project/pcap-ioc/",
        "project_urls": {
            "Homepage": "https://github.com/Nothing2Hide/pcapanalysis"
        },
        "release_url": "https://pypi.org/project/pcap-ioc/0.1.2/",
        "requires_dist": [
            "pyshark (==0.4.2.2)",
            "IPy (==0.83)",
            "pymisp (==2.4.101)"
        ],
        "requires_python": "",
        "summary": "Python library extracting potential IOCs from a pcap file",
        "version": "0.1.2"
    },
    "last_serial": 5107095,
    "releases": {
        "0.1.2": [
            {
                "comment_text": "",
                "digests": {
                    "md5": "f0cde65b57d78b321c29fb5f8a530130",
                    "sha256": "0bd8c794daaa31b51b847357f36ac5ffc9a0039403c18df9877e7d1f08ceb918"
                },
                "downloads": -1,
                "filename": "pcap_ioc-0.1.2-py3-none-any.whl",
                "has_sig": false,
                "md5_digest": "f0cde65b57d78b321c29fb5f8a530130",
                "packagetype": "bdist_wheel",
                "python_version": "py3",
                "requires_python": null,
                "size": 5283,
                "upload_time": "2019-04-06T11:53:35",
                "url": "https://files.pythonhosted.org/packages/23/67/88a200017191ea3f742794f18cd9da29355e4b009568f6f9c6fd5bb45904/pcap_ioc-0.1.2-py3-none-any.whl"
            },
            {
                "comment_text": "",
                "digests": {
                    "md5": "defb483c40ce7a2179d844780a8cd612",
                    "sha256": "d477acf1d4db634bc176a75a86deef97eaf7136a36a549ed88ad71b08eae0185"
                },
                "downloads": -1,
                "filename": "pcap_ioc-0.1.2.tar.gz",
                "has_sig": false,
                "md5_digest": "defb483c40ce7a2179d844780a8cd612",
                "packagetype": "sdist",
                "python_version": "source",
                "requires_python": null,
                "size": 3705,
                "upload_time": "2019-04-06T11:53:37",
                "url": "https://files.pythonhosted.org/packages/8a/bc/fddec4889bb2ed8fdfaced509351e949f5ffeb17d62f0061ac3cf3292230/pcap_ioc-0.1.2.tar.gz"
            }
        ]
    },
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "md5": "f0cde65b57d78b321c29fb5f8a530130",
                "sha256": "0bd8c794daaa31b51b847357f36ac5ffc9a0039403c18df9877e7d1f08ceb918"
            },
            "downloads": -1,
            "filename": "pcap_ioc-0.1.2-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "f0cde65b57d78b321c29fb5f8a530130",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": null,
            "size": 5283,
            "upload_time": "2019-04-06T11:53:35",
            "url": "https://files.pythonhosted.org/packages/23/67/88a200017191ea3f742794f18cd9da29355e4b009568f6f9c6fd5bb45904/pcap_ioc-0.1.2-py3-none-any.whl"
        },
        {
            "comment_text": "",
            "digests": {
                "md5": "defb483c40ce7a2179d844780a8cd612",
                "sha256": "d477acf1d4db634bc176a75a86deef97eaf7136a36a549ed88ad71b08eae0185"
            },
            "downloads": -1,
            "filename": "pcap_ioc-0.1.2.tar.gz",
            "has_sig": false,
            "md5_digest": "defb483c40ce7a2179d844780a8cd612",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 3705,
            "upload_time": "2019-04-06T11:53:37",
            "url": "https://files.pythonhosted.org/packages/8a/bc/fddec4889bb2ed8fdfaced509351e949f5ffeb17d62f0061ac3cf3292230/pcap_ioc-0.1.2.tar.gz"
        }
    ]
}