Python script to quickly extract useful information from a PCAP file.
It currently only prints ALL IP addresses in a file.
git clone https://github.com/albinogazelle/pcap-extract
pip install -r requirements.txt
python3 pcap-extract.py PCAP_FILE
Print all external IP addresses found in a PCAP
Run IP addresses through a reputation/blocklist and print list sorted by most suspicious
Parse URLs from file and send to virustotal, report back findings