Hello World Of Cyber Security, Welcome to Purple Shark

Purple Shark is a pcap analyzer that automatically parses your pcap files and writes the information it extracts into various directories. Purple Shark was coded in Kali Linux entirely in Bash, in 120 lines of code. A cybersecurity expert might use Purple Shark to automatically capture valuable netflow data from their pcap files. Purple Shark uses TShark to parse your pcap files and extract the netflow data.

I am part of the team that created Purple Shark. We are called the Purple Hats, and our team consists of Dante Falls, Andrew Sorrells, Jennifer Liu and Mingnon Pender. Thank you for using our product. We enjoyed coding this script for the world to enjoy!


1. Run Purple Shark from the command line with the following command: ./purpleShark.sh

- You may need to run purpleShark.sh with the sudo command since the script needs to create files.

2. Purple Shark will pop up a window greeting you and asking if you want to analyze a pcap file. You should click "yes" in the pop-up window.

3. Purple Shark will then pop up another window showing your entire file system. Navigate through your file system in the pop-up window and double-click the pcap file you want to analyze.

4. Purple Shark will then tell you to be patient and output a progress bar showing the current progress in purple.

5. Purple Shark will then tell you it has finished the pcap scan and that it has written the data it extracted into a directory called "Purple".

6. Purple Shark will then echo a directory tree of the "Purple" directory onto your command line.

7. You may now browse the Purple directory freely and view the text files within.

8. Thanks for using Purple Shark!!!
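
For readers who want to see what a TShark-based flow extraction into a "Purple" directory can look like, here is an added example. It is not Purple Shark's own code: the function names, output file names and the choice of TShark statistics are assumptions. It checks the file's magic bytes before handing it to TShark.

```bash
#!/usr/bin/env bash
# Added example, not taken from purpleShark.sh. Function names, output file
# names and the selected tshark statistics are assumptions for illustration.

# Return 0 only if the file starts with a pcap or pcapng magic number.
is_capture_file() {
    local magic
    [ -f "$1" ] || return 1
    magic=$(head -c 4 -- "$1" | od -An -tx1 | tr -d ' \n')
    case "$magic" in
        d4c3b2a1|a1b2c3d4) return 0 ;;   # classic pcap, either byte order
        4d3cb2a1|a1b23c4d) return 0 ;;   # pcap with nanosecond timestamps
        0a0d0d0a)          return 0 ;;   # pcapng section header block
        *)                 return 1 ;;
    esac
}

# Write per-protocol conversation (flow) tables for one capture into out_dir.
# Writing into a directory the current user owns needs no sudo.
extract_flows() {
    local pcap out_dir proto
    pcap=$1
    out_dir=${2:-Purple}
    is_capture_file "$pcap" || { echo "not a pcap/pcapng file: $pcap" >&2; return 2; }
    command -v tshark >/dev/null 2>&1 || { echo "tshark not found" >&2; return 3; }
    mkdir -p -- "$out_dir" || return 4
    for proto in ip tcp udp; do
        # -r: read from file, -q: no per-packet output, -z conv,<proto>: flow table
        tshark -r "$pcap" -q -z "conv,$proto" \
            > "$out_dir/conversations_$proto.txt" || return 5
    done
    # Protocol hierarchy statistics give a quick overview of the capture.
    tshark -r "$pcap" -q -z io,phs > "$out_dir/protocol_hierarchy.txt" || return 5
}

# Run only when a capture path is given on the command line.
if [ "$#" -ge 1 ]; then
    extract_flows "$@"
fi
```

Call it as `./extract_flows.sh capture.pcap Purple` (the script name is hypothetical), then read the text files in the output directory.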