Pcap-To-Img

A Modified version of USTC-TK2016 Tools

For Windows only

Before Preprocessing

Convert PcapNG Files to Pcap Files

If you are using PcapNG (.pcapng) Files

Sometimes pcapng will also shown as .pcap file.

editcap program is available from Wireshark.
Usage of editcap

editcap -F libpcap dump.pcapng dump.pcap

Please see How To handle PcapNG files for more detail.

Usage of Tools

SplitCap : https://www.netresec.com/?page=SplitCap
finddupe : https://www.sentex.ca/~mwandel/finddupe/

Run Powershell as Administrator

set-ExecutionPolicy RemoteSigned

Preprocessing

Split Pcap files into Flows

.\1_Pcap2Flow.ps1

python .\2_Flow2Packet.py

usage: 2_Flow2Packet.py [-h] --packet PACKET --byte BYTE [--limit LIMIT]

Selecting Parameter of Packets and Bytes.

optional arguments:
  -h, --help       show this help message and exit
  --packet PACKET  number of required packets
  --byte BYTE      number of trimmed byte
  --limit LIMIT    only extract packets from the largest N flows

python .\3_Packet2Image.py

Name		Name	Last commit message	Last commit date
Latest commit History 9 Commits
0_Tool		0_Tool
1_Pcap		1_Pcap
2_Flow		2_Flow
2_Flow_Raw		2_Flow_Raw
3_Packet		3_Packet
4_Image		4_Image
.gitignore		.gitignore
1-1_ProcessFlow.py		1-1_ProcessFlow.py
1_Pcap2Flow.ps1		1_Pcap2Flow.ps1
2_Flow2Packet.py		2_Flow2Packet.py
3_Packet2Image.py		3_Packet2Image.py
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Pcap-To-Img

Before Preprocessing

Convert PcapNG Files to Pcap Files

Usage of Tools

Run Powershell as Administrator

Preprocessing

About

Releases

Packages

Languages

vinesmsuic/Pcap-To-Img

Folders and files

Latest commit

History

Repository files navigation

Pcap-To-Img

Before Preprocessing

Convert PcapNG Files to Pcap Files

Usage of Tools

Run Powershell as Administrator

Preprocessing

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages