DNSWatchdog

Description

DNSWatchdog analyzes TCP and UDP packets that have been captured by a wireshark session during a DNS spoofing attack. This allows us to understand which hostnames our target is trying to connect to and which are the target ports. This is the first step to then be able to sniff the traffic between our target and its destination.

Example Usage

python analyze-dns-pcap.py my.pcap 192.168.1.133

and this is a possible result:

Command-line parameters

python analyze-dns-pcap.py <pcap file> <target IP>

Parameter	Description	Example
`pcap file`	pcap file from wireshark during a DNS spoof session on Target IP	`my.pcap`, `mypcapng`, ...
`target IP`	IP you are trying to analyze to understand which hostname and port it is connecting to	`http://www.example.com`

How to install it on Kali Linux (or Debian distribution)

It's very simple

cd /opt

pip install pyshark

git clone https://github.com/dokDork/DNSWatchdog.git

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
images		images
LICENSE		LICENSE
README.md		README.md
analyze-dns-pcap.py		analyze-dns-pcap.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

DNSWatchdog

Description

Example Usage

Command-line parameters

How to install it on Kali Linux (or Debian distribution)

About

Releases

Packages

Languages

License

dokDork/DNSWatchdog

Folders and files

Latest commit

History

Repository files navigation

DNSWatchdog

Description

Example Usage

Command-line parameters

How to install it on Kali Linux (or Debian distribution)

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages