<h2>Malware Traffic Analysis With Python</h2>
> A very simple Python script to analyse malicious traffic from malware traffic captures.
> In my sample I am going to analyze traffic for "Malware Team Up: Malspam Pushing Emotet + Trickbot". For more details about this malware, go to: https://unit42.paloaltonetworks.com/unit42-malware-team-malspam-pushing-emotet-trickbot/
> Screenshot of results:
![alt text](https://raw.githubusercontent.com/iven86/Malware-Traffic-Analysis/main/img/Screenshot01.png)
## Behind The Scenes:
> First, convert the PCAP file to JSON, with or without a filter, by running one of these commands:
>
> `tshark -2 -R "http.request.method==GET or http.request.method==POST" -r input.pcap -T json >output.json`
>
> `tshark -2 -R "ip.addr==X.X.X.X and http.request.method==GET" -r input.pcap -T json >output.json`
>
> Sometimes you need to fix the JSON file after running one of the above commands.
>
> The script then goes through all hosts found in the HTTP layers and scans them with urlvoid.com. For more accuracy, try to use their paid API.
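
The host-collection step described above, as an added example (this is not the project's `malware_traffic_analysis.py`): it reads `tshark -T json` output, groups requests by `http.host`, and marks hosts that are bare IP addresses. The sample packets are constructed, and the handling of a list-valued `http` layer is an assumption about how some tshark versions serialise frames with several HTTP messages.

```python
import ipaddress
import json
from collections import defaultdict

# Constructed sample in the shape `tshark -T json` emits (trimmed to the fields used).
SAMPLE = json.dumps([
    {"_source": {"layers": {"ip": {"ip.dst": "203.0.113.10"},
                            "http": {"http.host": "example.test"}}}},
    {"_source": {"layers": {"ip": {"ip.dst": "203.0.113.10"},
                            "http": {"http.host": "EXAMPLE.test"}}}},
    {"_source": {"layers": {"ip": {"ip.dst": "198.51.100.7"},
                            "http": [{"http.host": "198.51.100.7:8082"}]}}},
    {"_source": {"layers": {"ip": {"ip.dst": "192.0.2.1"}, "tcp": {}}}},  # no HTTP layer
])


def is_ip_literal(host):
    """True when the Host value is a bare IPv4 address (optionally with :port)."""
    name = host.rsplit(":", 1)[0] if host.count(":") == 1 else host
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def hosts_from_tshark_json(text):
    """Return {host: {"requests": n, "dst_ips": set, "ip_literal": bool}}."""
    summary = defaultdict(lambda: {"requests": 0, "dst_ips": set(), "ip_literal": False})
    for packet in json.loads(text):
        layers = packet.get("_source", {}).get("layers", {})
        http = layers.get("http")
        if http is None:
            continue  # frame matched the capture but carries no HTTP layer
        # Assumption: a frame with several HTTP messages may be serialised as a list.
        for msg in http if isinstance(http, list) else [http]:
            host = msg.get("http.host")
            if not host:
                continue  # responses have no Host header
            entry = summary[host.lower()]  # Host names are case-insensitive
            entry["requests"] += 1
            entry["ip_literal"] = is_ip_literal(host)
            dst = layers.get("ip", {}).get("ip.dst")
            if dst:
                entry["dst_ips"].add(dst)
    return dict(summary)


if __name__ == "__main__":
    for host, info in sorted(hosts_from_tshark_json(SAMPLE).items()):
        print(host, info["requests"], sorted(info["dst_ips"]), info["ip_literal"])
```
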
## The Accuracy:
> Accuracy is not guaranteed to be 100%. This project is just an idea, and all results are based on urlvoid.com.
## Author
基于统计特征的恶意加密流量分类.zip ("Malicious encrypted traffic classification based on statistical features", 8 files)

- .github
  - FUNDING.yml 115B
- pcap sample
  - 2020-12-29-Emotet-infection-with-Trickbot-and-spambot-activity.pcap 44.14MB
- img
  - Screenshot01.png 80KB
- malware_traffic_analysis.py 2KB
- output.json 1.07MB
- requirements.txt 57B
- urlvoid.py 2KB
- README.md 1KB