Commit 83ea025d authored by Gamage G.G.I.V.M's avatar Gamage G.G.I.V.M

Upload New File

parent 681d2a50
import pyshark
import pydot
def generate_event_flow_graph(pcap_file, output_file):
# Read the pcap file
pcap = pyshark.FileCapture(pcap_file)
# Create a set to store unique IP addresses
ip_addresses = set()
# Iterate over the packets in the pcap file
for packet in pcap:
# Check if the packet has an IP layer
if 'IP' in packet:
ip_layer = packet['IP']
# Add the source and destination IP addresses to the set
ip_addresses.add(ip_layer.src)
ip_addresses.add(ip_layer.dst)
# Create a graph of the events
graph = pydot.Dot()
# Add a node for each IP address
for ip_address in ip_addresses:
graph.add_node(pydot.Node(ip_address, label=ip_address))
# Add an edge for each communication between two IP addresses
for packet in pcap:
if 'IP' in packet:
ip_layer = packet['IP']
graph.add_edge(pydot.Edge(ip_layer.src, ip_layer.dst))
# Save the graph to a file
graph.write_png(output_file)
# Usage example
pcap_file = 'capture.pcap'
output_file = 'event_flow_graph.png'
generate_event_flow_graph(pcap_file, output_file)
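Review bot: The second `for packet in pcap:` loop adds one `pydot.Edge` per IP packet, so a capture of any real size yields a graph with as many edges as packets, which Graphviz renders slowly and unreadably. Collecting the distinct `(src, dst)` pairs in a set during a single pass gives the same topology. The capture is also iterated twice and never closed, so the tshark child process and every parsed packet stay around until interpreter exit; opening it in a `with` block with `keep_packets=False` bounds both, which matters when the pcap comes from an untrusted source. Only the `'IP'` layer is checked, so IPv6-only hosts will presumably be missing from the graph, and that limit deserves a comment. The three usage lines at module level run on import and would be better placed under `if __name__ == "__main__":`.

```python
def generate_event_flow_graph(pcap_file, output_file):
    # Distinct (source, destination) pairs; one edge per pair, not per packet.
    flows = set()
    # keep_packets=False: do not retain every parsed packet in memory.
    with pyshark.FileCapture(pcap_file, keep_packets=False) as pcap:
        for packet in pcap:
            if 'IP' in packet:  # IPv4 only
                ip_layer = packet['IP']
                flows.add((ip_layer.src, ip_layer.dst))
    graph = pydot.Dot()
    for ip_address in {ip for flow in flows for ip in flow}:
        graph.add_node(pydot.Node(ip_address, label=ip_address))
    for src, dst in flows:
        graph.add_edge(pydot.Edge(src, dst))
    # … unchanged: graph.write_png(output_file) …
```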