Module: tools/network_interceptor

tools.network_interceptor.add_mac_ip(mac, ip)

Adds MAC-IP bindings to the mac_ip_dict dictionary.

Parameters:

• mac (str) – The MAC address of the device.

• ip (str) – The IP address of the device.

Returns:

None

tools.network_interceptor.analyze(pkt)

This function analyzes packets for various types of attacks - ARP poisoning: detects ARP poisoning attack - HTTP access with IP in URL: detects HTTP requests that contain IP address in URL - Single-packet attack: detects single-packet attack based on TCP flags - Brute force attack: detects possible brute force attack based on number of requests from same IP in 1 minute window

Parameters:

pkt – packet to be analyzed

Returns:

None

tools.network_interceptor.http_uri(pkt)

Sniffs for HTTP requests that contain an IP address in the URL path and prints a warning message if found.

Parameters:

pkt – A packet captured by Scapy.

Returns:

None

tools.network_interceptor.sniffing_network(ip_adress)

Sniffs the network traffic and analyses packets to detect possible attacks.

Parameters:

ip_adress (str) – The IP address to sniff traffic for.

Returns:

None