User-friendly packet captures

Project description

capture-packets: User-friendly packet captures

Installing and instructions

To use this library you must have the dumpcap utility from tshark installed. Learn how to install dumpcap.

Now we install the Python package from PyPI:

$ python -m pip install capture-packets

After that's installed we create a script and place the problematic code within the capture_packets context manager:

from capture_packets import capture_packets

# Wrap *all* of your networking code
# in the capture_packets() context manager:
with capture_packets() as pcap:

    # You put the code that you want to capture below here:
    import urllib3
    http = urllib3.PoolManager()
    http.request("GET", "https://service-that-is-not.working")

    # By the way, it's okay if an error happens in here. The
    # context manager still works and outputs the paths to stdout.

If you run the above script you'll get the following output:

What data gets captured?

All network traffic occurring on your machine is captured (unless you specify a more specific interface, default is all interfaces). Any TLS handshakes that occur within the capture_packets will have their secrets dumped as well so that TLS traffic within the packet capture can be decrypted. Any TLS handshakes not occurring within the capture_packets context manager are unaffected.

Do not send this data to anyone you do not trust. If you're using any authentication those secrets will likely be included in the packet capture. You should consider rotating your credentials after you've captured the packets to ensure there is zero chance of services being compromised.

Why is this useful?

There are networking issues that are impossible to debug without a packet capture and it's difficult to make packet captures easy for users. This library is an attempt to make packet captures as simple as possible.

What libraries are supported?

If TLS isn't being used, then in theory any networking library will work.

If TLS is being used then the library must support the SSLKEYLOGFILE environment variable to have TLS secrets dumped automatically as well. To name a few, urllib3, Requests, and any libraries that use those two libraries for HTTP will work with TLS.

License

MIT

Project details

Release history Release notifications | RSS feed

0.1.2

Nov 24, 2022

0.1.1

Jan 6, 2022

This version

0.1.0

Jan 6, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

capture-packets-0.1.0.tar.gz (3.4 kB view hashes)

Uploaded Jan 6, 2022 Source

Built Distribution

capture_packets-0.1.0-py2.py3-none-any.whl (4.0 kB view hashes)

Uploaded Jan 6, 2022 Python 2 Python 3

Hashes for capture-packets-0.1.0.tar.gz

Hashes for capture-packets-0.1.0.tar.gz
Algorithm	Hash digest
SHA256	`a787b2053af617d913d095e71ee206c5398367feb1c736ef262770522e461475`
MD5	`f4c28883f2f13c8ac5d29016ec525310`
BLAKE2b-256	`e75b1d5bc9cb4bb8f1ae3d40a707c9cd84884064a2a2a286c86b44df7a2c0e2a`

Hashes for capture_packets-0.1.0-py2.py3-none-any.whl

Hashes for capture_packets-0.1.0-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`d2580ecc2173aa2eca933b5e718f7b003395fa8be167f78df55f19399823fa03`
MD5	`3a76f059db79bdc9a6e4fdd833e078c7`
BLAKE2b-256	`331c13e0b7cf0f5ffb7168fb8e219e71ed9d9ac562d8a86a1bd02cecfb5817b5`