# Pcap_Blur
`pcap_blur` is a command line tool for anonymizing network traffic captured in `.pcap` or `.pcapng` files in a simple yet secure way. The main purpose of this tool is to allow anyone to anonymize their own network traffic for research, testing, or educational purposes. The main focus of `pcap_blur` is on anonymization of Internet traffic under the TCP/IP stack.
## Installation
### Windows
1. Download and install [Python 3.10 or later](https://www.python.org/downloads/windows/) and [pip](https://pypi.org/project/pip/)
2. Download and install the latest version of [Npcap](https://nmap.org/npcap/)
> It is advised to turn **off** the `Winpcap compatibility mode` option during installation
3. Install `pcap_blur` using `pip`:
```bash
pip install pcap_blur
```
### Linux
1. Install [Python 3.10 or later](https://www.python.org/downloads/) and [pip](https://pypi.org/project/pip/)
2. Install [libpcap](https://www.tcpdump.org/)
For Debian based distributions:
```bash
sudo apt install libpcap-dev
```
For Fedora/Red Hat based distributions:
```bash
sudo yum install libpcap-devel
```
3. Install `pcap_blur` using `pip`:
```bash
pip install pcap_blur
```
## Usage
The main usage of `pcap_blur` is to anonymize a .pcap file. To do this, you can use the following command:
```bash
pcap_blur path/to/file.pcap
```
By default, the output file will be named `file_anonymized.pcap` and together with the log file will be saved in a folder named `output`. You can change the output folder and filename by using the `--outDir` and `--outName` options, respectively.
```bash
pcap_blur path/to/file.pcap --outDir /new_output_folder --outName new_name.pcap
```
You can also use the `--batch` option to anonymize multiple
capture files in a folder.
```bash
pcap_blur --batch /path/to/folder
```
Using this option, an `output` folder will be created in the specified folder and the anonymized files will be saved in it. All the logs will be saved individually under the `output/logs` folder. You can change the output folder by using the `--outDir` option.
```bash
pcap_blur --batch /path/to/folder --outDir /new_output_folder
```
You can use the `--validate` option to validate the anonymization of a .pcap file. This option will compare the original and anonymized files and search if any of the original information is found in the anonymized packets.
```bash
pcap_blur --validate path/to/original_file.pcap path/to/anonymized_file.pcap
```
Below is a table with all the command line options available for `pcap_blur`:
| Option | Description | Default |
| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------- | -------------------------------------------------------------- |
| `path` | Path to the capture file to be anonymized. | None |
| `--batch` | Specify a folder for batch anonymization. | None |
| `--outDir ${directory}` | Set the output directory for the anonymized capture file(s). | `output` or `${original_folder}/output` if used with `--batch` |
| `--outName ${filename}` | Set the filename of the anonymized capture file. Can only be used with single file anonymization. | `${original_filename}.anon.pcap` |
| `--version` | Show the version of the tool. | None |
| `--validate ${original_filename} ${anonymized_filename}` | Validate the anonymization of a capture file. | None |
## Anonymization Policy
`pcap_blur` uses an anonymization policy defined by the original author (me) for a final project at the Federal University of CearĂ¡ (UFC), which is based on the following principles:
- Focus on anonymizing Internet traffic under the TCP/IP stack.
- Anonymization that provides a good balance between privacy and usability.
- Anonymization that is simple and easy to understand.
Below is a table of the fields that are anonymized and the anonymization method used:
| Field | Anonymization Method |
| ---------------- | ------------------------------------- |
| MAC Adresses | Double permutation |
| IP Adresses | Prefix-preserving pseudorandomization |
| Port Numbers | Permutation |
| Timestamps | Precision degradation |
| Application Data | Black marker |
You can find more information about the anonymization policy and other edge-case scenarios on the final paper (link to be added).
## Building from source
If you wish to use `pcap_blur` from source instead of using the pre-built binary or if you want to modify the source code before running it, you can follow these steps:
1. Install [Python 3.10 or later](https://www.python.org/downloads/)
2. Clone the repository:
```bash
git clone https://github.com/rafaelsilva81/pcap_blur.git
```
3. (Optionally) Initialize a virtual environment with [venv](https://docs.python.org/3/library/venv.html):
4. Install the dependencies:
```bash
pip install -r requirements.txt
```
5. Run the tool by executing the `main.py` script:
```bash
python main.py --version
```
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details
## Contributing
Contributions are welcome! Please file an issue or submit a pull request. For major changes, please open an issue first to discuss what you would like to change.
## Acknowledgments
- [Scapy](https://scapy.net/) - A powerful and flexible packet manipulation library for Python.
- [YaCryptoPan](https://github.com/yacryptopan/yacryptopan) - A Python library for CrpyoPAn, a cryptographic anonymization algorithm.
- [Netresec Publicly available PCAP files](https://netresec.com/?page=public-pcap-files) - A collection of publically available PCAP files for testing and research purposes.
Raw data
{
"_id": null,
"home_page": "https://github.com/rafaelsilva81/pcap-blur",
"name": "pcap-blur",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": null,
"keywords": null,
"author": "Rafael Galdino da Silva",
"author_email": "rafaelgaldinosilva81@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/53/7d/a56a425cd7d7600d4d41dfd7d6a6a32323003164e811ef09d5271caded8c/pcap_blur-2.0.1.tar.gz",
"platform": null,
"description": "# Pcap_Blur\n\n`pcap_blur` is a command line tool for anonymizing network traffic captured in `.pcap` or `.pcapng` files in a simple yet secure way. The main purpose of this tool is to allow anyone to anonymize their own network traffic for research, testing, or educational purposes. The main focus of `pcap_blur` is on anonymization of Internet traffic under the TCP/IP stack.\n\n## Installation\n\n### Windows\n\n1. Download and install [Python 3.10 or later](https://www.python.org/downloads/windows/) and [pip](https://pypi.org/project/pip/)\n\n2. Download and install the latest version of [Npcap](https://nmap.org/npcap/)\n\n> It is advised to turn **off** the `Winpcap compatibility mode` option during installation\n\n3. Install `pcap_blur` using `pip`:\n\n```bash\npip install pcap_blur\n```\n\n### Linux\n\n1. Install [Python 3.10 or later](https://www.python.org/downloads/) and [pip](https://pypi.org/project/pip/)\n\n2. Install [libpcap](https://www.tcpdump.org/)\n\nFor Debian based distributions:\n\n```bash\nsudo apt install libpcap-dev\n```\n\nFor Fedora/Red Hat based distributions:\n\n```bash\nsudo yum install libpcap-devel\n```\n\n3. Install `pcap_blur` using `pip`:\n\n```bash\npip install pcap_blur\n```\n\n## Usage\n\nThe main usage of `pcap_blur` is to anonymize a .pcap file. To do this, you can use the following command:\n\n```bash\npcap_blur path/to/file.pcap\n```\n\nBy default, the output file will be named `file_anonymized.pcap` and together with the log file will be saved in a folder named `output`. You can change the output folder and filename by using the `--outDir` and `--outName` options, respectively.\n\n```bash\npcap_blur path/to/file.pcap --outDir /new_output_folder --outName new_name.pcap\n```\n\nYou can also use the `--batch` option to anonymize multiple\ncapture files in a folder.\n\n```bash\npcap_blur --batch /path/to/folder\n```\n\nUsing this option, an `output` folder will be created in the specified folder and the anonymized files will be saved in it. All the logs will be saved individually under the `output/logs` folder. You can change the output folder by using the `--outDir` option.\n\n```bash\npcap_blur --batch /path/to/folder --outDir /new_output_folder\n```\n\nYou can use the `--validate` option to validate the anonymization of a .pcap file. This option will compare the original and anonymized files and search if any of the original information is found in the anonymized packets.\n\n```bash\npcap_blur --validate path/to/original_file.pcap path/to/anonymized_file.pcap\n```\n\nBelow is a table with all the command line options available for `pcap_blur`:\n\n| Option | Description | Default |\n| -------------------------------------------------------- | ------------------------------------------------------------------------------------------------- | -------------------------------------------------------------- |\n| `path` | Path to the capture file to be anonymized. | None |\n| `--batch` | Specify a folder for batch anonymization. | None |\n| `--outDir ${directory}` | Set the output directory for the anonymized capture file(s). | `output` or `${original_folder}/output` if used with `--batch` |\n| `--outName ${filename}` | Set the filename of the anonymized capture file. Can only be used with single file anonymization. | `${original_filename}.anon.pcap` |\n| `--version` | Show the version of the tool. | None |\n| `--validate ${original_filename} ${anonymized_filename}` | Validate the anonymization of a capture file. | None |\n\n## Anonymization Policy\n\n`pcap_blur` uses an anonymization policy defined by the original author (me) for a final project at the Federal University of Cear\u00e1 (UFC), which is based on the following principles:\n\n- Focus on anonymizing Internet traffic under the TCP/IP stack.\n- Anonymization that provides a good balance between privacy and usability.\n- Anonymization that is simple and easy to understand.\n\nBelow is a table of the fields that are anonymized and the anonymization method used:\n\n| Field | Anonymization Method |\n| ---------------- | ------------------------------------- |\n| MAC Adresses | Double permutation |\n| IP Adresses | Prefix-preserving pseudorandomization |\n| Port Numbers | Permutation |\n| Timestamps | Precision degradation |\n| Application Data | Black marker |\n\nYou can find more information about the anonymization policy and other edge-case scenarios on the final paper (link to be added).\n\n## Building from source\n\nIf you wish to use `pcap_blur` from source instead of using the pre-built binary or if you want to modify the source code before running it, you can follow these steps:\n\n1. Install [Python 3.10 or later](https://www.python.org/downloads/)\n\n2. Clone the repository:\n\n```bash\ngit clone https://github.com/rafaelsilva81/pcap_blur.git\n```\n\n3. (Optionally) Initialize a virtual environment with [venv](https://docs.python.org/3/library/venv.html):\n\n4. Install the dependencies:\n\n```bash\npip install -r requirements.txt\n```\n\n5. Run the tool by executing the `main.py` script:\n\n```bash\npython main.py --version\n```\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details\n\n## Contributing\n\nContributions are welcome! Please file an issue or submit a pull request. For major changes, please open an issue first to discuss what you would like to change.\n\n## Acknowledgments\n\n- [Scapy](https://scapy.net/) - A powerful and flexible packet manipulation library for Python.\n- [YaCryptoPan](https://github.com/yacryptopan/yacryptopan) - A Python library for CrpyoPAn, a cryptographic anonymization algorithm.\n- [Netresec Publicly available PCAP files](https://netresec.com/?page=public-pcap-files) - A collection of publically available PCAP files for testing and research purposes.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Pcap Blur is a command line tool that anonymizes network traffic.",
"version": "2.0.1",
"project_urls": {
"Homepage": "https://github.com/rafaelsilva81/pcap-blur"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "e9b5000e5165dbdfc433dc63f622553e5d75cab512ab02c2402b2f62c4e7652e",
"md5": "266be62b7e8a33da42b6b50b2d694eea",
"sha256": "e60e9947e963e75e112722029b981f0235aae22ae8145ea30d01a2b120ab8356"
},
"downloads": -1,
"filename": "pcap_blur-2.0.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "266be62b7e8a33da42b6b50b2d694eea",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 19505,
"upload_time": "2024-08-06T22:36:57",
"upload_time_iso_8601": "2024-08-06T22:36:57.920525Z",
"url": "https://files.pythonhosted.org/packages/e9/b5/000e5165dbdfc433dc63f622553e5d75cab512ab02c2402b2f62c4e7652e/pcap_blur-2.0.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "537da56a425cd7d7600d4d41dfd7d6a6a32323003164e811ef09d5271caded8c",
"md5": "2ca1b277758749b49c1cf6dde3038809",
"sha256": "855863b4bab4efddc9fdd20fccad2789b2936c8e1ceab1c13729af9596c925f8"
},
"downloads": -1,
"filename": "pcap_blur-2.0.1.tar.gz",
"has_sig": false,
"md5_digest": "2ca1b277758749b49c1cf6dde3038809",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 15714,
"upload_time": "2024-08-06T22:36:59",
"upload_time_iso_8601": "2024-08-06T22:36:59.960948Z",
"url": "https://files.pythonhosted.org/packages/53/7d/a56a425cd7d7600d4d41dfd7d6a6a32323003164e811ef09d5271caded8c/pcap_blur-2.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-08-06 22:36:59",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "rafaelsilva81",
"github_project": "pcap-blur",
"github_not_found": true,
"lcname": "pcap-blur"
}
JSON
