Metadata-Version: 2.1
Name: sniperpy
Version: 1.0.1
Summary: A Python package to analyze SMB2 packets from pcap files
Home-page: https://github.com/powerexploit/sniper
Author: Ankit Dobhal
Author-email: dobhal.ankit@protonmail.com
Project-URL: Bug Tracker, https://github.com/powerexploit/sniper/issues
Classifier: Programming Language :: Python :: 3
Classifier: Operating System :: OS Independent
Requires-Python: >=3.6
Description-Content-Type: text/markdown
Requires-Dist: scapy

# Sniperpy: SMB2 Packet Analyzer
`sniperpy` is a Python package designed to extract and analyze SMB2 packets from PCAP files. It helps security engineers quickly retrieve relevant SMB2 data like Create and Close requests/responses from packet captures.

# Features
- Extract SMB2 Create and Close requests/responses from PCAP files.
- Parse and analyze metadata (source/destination IPs, ports).
- Save extracted metadata as a JSON file.

# Installation
You can install `sniperpy` using `pip`:
```
pip install sniperpy
```

# Usage
After installing the package, you can import it and use the functions provided to work with SMB2 packets in your PCAP files.

### Example Code
```
from sniperpy import extract_smb_packets, parse_smb_packets, save_extracted_files, SMBExtractorError

# Specify the path to your pcap file
pcap_file = "path_to_your_pcap_file.pcap"

try:
    # Extract SMB packets from the PCAP
    smb_packets = extract_smb_packets(pcap_file)

    # Parse SMB packet metadata
    metadata = parse_smb_packets(smb_packets)

    # Optionally, save the metadata to a JSON file
    save_extracted_files(metadata, output_dir="output_directory")

    # Print metadata to the console
    for entry in metadata:
        print(entry)

except SMBExtractorError as e:
    print(f"An error occurred: {e}")
```

### Example output
```
{
    "Packet Type": "SMB2 Create Request",
    "Source IP": "192.168.1.100",
    "Source Port": 445,
    "Destination IP": "192.168.1.101",
    "Destination Port": 139
}
```
# Functions Overview
- `extract_smb_packets(pcap_file)`: Extracts SMB2 packets from the provided pcap file.
- `parse_smb_packets(smb_packets)`: Parses SMB2 packets to extract metadata (IP addresses, ports, etc.).
- `save_extracted_files(metadata, output_dir)`: Saves the parsed metadata as a JSON file in the specified output directory.
- `SMBExtractorError`: Custom exception to handle errors related to SMB packet extraction and parsing.
