PA Toolkit - A Collection of Traffic Analysis Plugins Focused on Security


PA Toolkit is a collection of traffic analysis plugins that extend Wireshark from a micro-analysis tool and protocol dissector into a macro analyzer and threat hunter. PA Toolkit contains plugins (both dissectors and taps) covering diverse scenarios for multiple protocols, including:
  • WiFi (WiFi network summary, Detecting beacon, deauth floods etc.)
  • HTTP (Listing all visited websites, downloaded files)
  • HTTPS (Listing all websites opened on HTTPS)
  • ARP (MAC-IP table, Detect MAC spoofing and ARP poisoning)
  • DNS (Listing DNS servers used and DNS resolution, Detecting DNS Tunnels)
The project is under active development and more plugins will be added in the near future.
This material was created while working on the "Traffic Analysis: TSHARK Unleashed" course. Those interested can check the course here: https://www.pentesteracademy.com/course?id=42

Installation
Steps:
  1. Copy the "plugins" directory to Wireshark plugins directory.
  2. Start Wireshark. :)
One can get the location of the Wireshark plugins directory by checking Help > About Wireshark > Folders
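
As an added illustration (not code from PA Toolkit or its authors), the Lua tap below shows one way a plugin in the spirit of the ARP entry above can build a MAC-IP table and flag an IP address announced by more than one MAC. The file name, menu label and output format are assumptions made for this example.

```lua
-- arp_table_example.lua: added example, not PA Toolkit code.
-- Field extractors must be created at load time, not inside callbacks.
local f_ip  = Field.new("arp.src.proto_ipv4")
local f_mac = Field.new("arp.src.hw_mac")

-- emit(text) receives the finished table (a window setter or print).
local function start_tap(emit)
    local by_ip = {}                          -- ip -> { mac -> first frame }
    local tap = Listener.new("frame", "arp")  -- only ARP frames reach the tap

    function tap.packet(pinfo, tvb)
        local ip, mac = f_ip(), f_mac()
        if not ip or not mac then return end
        ip, mac = tostring(ip), tostring(mac)
        if ip == "0.0.0.0" then return end    -- ARP probes carry no sender IP
        by_ip[ip] = by_ip[ip] or {}
        if not by_ip[ip][mac] then by_ip[ip][mac] = pinfo.number end
    end

    function tap.draw()
        local lines = {}
        for ip, macs in pairs(by_ip) do
            local list = {}
            for mac, frame in pairs(macs) do
                list[#list + 1] = string.format("%s (frame %d)", mac, frame)
            end
            table.sort(list)
            -- One IP announced by several MACs is the poisoning indicator.
            local flag = (#list > 1) and "  <-- multiple MACs for this IP" or ""
            lines[#lines + 1] = string.format("%-15s %s%s",
                ip, table.concat(list, ", "), flag)
        end
        table.sort(lines)
        emit(table.concat(lines, "\n"))
    end

    function tap.reset() by_ip = {} end
    return tap
end

if gui_enabled() then
    register_menu("ARP IP-MAC table (example)", function()
        local win = TextWindow.new("ARP IP-MAC table (example)")
        local tap = start_tap(function(text) win:set(text) end)
        win:set_atclose(function() tap:remove() end)
        retap_packets()
    end, MENU_TOOLS_UNSORTED)
else
    start_tap(print)  -- tshark -q -X lua_script:arp_table_example.lua -r capture.pcap
end
```

Several MACs for one IP also occur with failover pairs and DHCP reassignment, so a flagged entry is a lead to verify against the frames listed, not a verdict.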



Author
Under the guidance of Mr. Vivek Ramachandran, CEO, Pentester Academy


Documentation
For more details refer to the "PA-Toolkit.pdf" PDF file. This file contains the slide deck used for presentations.


Screenshots
PA Toolkit after installation


List of websites visited over HTTP


Search functionality


Domain to IP mappings


