This is in browser wireshark like pcap file analyzer
Implemented with WASM

This project was developed as part of a graduate course at UVU, aiming to address a challenging problem in packet analysis. The assignment involved scanning and analyzing packets within a large PCAP file, with the objective of reviewing each packet and identifying potential vulnerabilities. Given that the file contained over 500 lines, I decided to automate the process by creating a tool to specifically detect HTTP requests like POST, PUT, DELETE, and other significant operations.

This automation enables efficient inspection between packets to identify any activity that warrants attention. When a relevant packet is detected, the tool generates a detailed report containing the following information: source IP, destination IP, protocol, payload size, a brief summary, an explanation of the issue, potential solutions, and recommended actions.

Manual packet analysis can be time-consuming, especially when dealing with large datasets.

This script reads PCAP files, extracts packet details, and uses Google’s Gemini AI to explain packet behavior and suggest security solutions.

Scapy is a powerful library for packet manipulation and analysis. The script reads packets from .pcap files

Using Gemini AI (gemini-pro model), the script generates a human-readable explanation for each packet summary.

The script dynamically asks Gemini AI to suggest potential security fixes or improvements based on the explanation.

The details, explanations, and solutions are formatted into a comprehensive report for each packet.

The script can process all PCAP files in a specified folder and save detailed reports in an output folder.

Why Use This Tool?

Efficient Analysis: Process multiple PCAP files quickly.
AI-Powered Insights: Gemini AI helps explain complex packets and generate tailored security recommendations.
Automated Reporting: Generates organized reports to simplify your workflow.

Final Thoughts

Automating network analysis with AI can save valuable time and enhance your ability to detect and mitigate security issues. This script combines the power of Scapy for packet analysis and Gemini AI to generate insights and solutions.

Ready to give it a try? Clone or adapt this script — https://github.com/hvaandres/PcapAnalyzer/blob/dev/pcap_formatted.py for your own cybersecurity projects and start analyzing PCAP files smarter and faster!

This video will cover how to analyze a packet capture in Wireshark for signs of a TCP SYN flood. We’ll start by generating a simple Python script to generate TCP connections, and analyze the traffic as the transaction rate is increased. We will also show you how to graph both good and rejected connections over time.