This project is no longer maintained


aptdetector

Advanced Persistent Threat Detection by Using Network Analysis

aptdetector is a simple attempt to gather, in one place, the various means of detecting malware through network traffic analysis. It is intended for educational purposes only.

aptdetector is tested against Python 3.4, 3.5, and PyPy. Full documentation is available at Read The Docs. See what's new by checking the CHANGELOG.

Installation

aptdetector can be added to a project in a few ways. There's the obvious one:

    pip install aptdetector

then, thanks to PyPI, aptdetector is just an import away:

    import aptdetector

If that does not work, install from source. aptdetector depends on the author's pcap-parser package, so install that first:

    git clone https://github.com/abzcoding/pcap-parser.git
    cd pcap-parser
    python setup.py install
    cd ../
    git clone https://github.com/abzcoding/aptdetector.git
    cd aptdetector
    python setup.py install

However, due to the nature of utilities, application developers might prefer other ways of handling dependencies. See the Integration section of the docs for details.

Status

Stage Zero is now completed. You can use v0.1.4 of the software to test it:

    from aptdetector.network.sniffer import BaseSniffer

    sni = BaseSniffer()
    sni.pcap_file = 'examples/test.pcap'   # capture file to analyse
    sni.parse()                            # read and dissect the packets

    # flows originating from one host, with ports shown and duplicates collapsed
    print(sni.connections(source='173.244.195.17', show_port=True, simplify=True))
    # flows arriving at one host, ports hidden, duplicates collapsed
    print(sni.connections(destination='192.168.204.136', show_port=False, simplify=True))
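
To show what a connection summary of that kind actually involves, here is a stand-alone example added to this README. It is not aptdetector's or pcap-parser's code: it builds a small pcap file in memory (a constructed sample, not `examples/test.pcap`), parses the classic pcap container and the Ethernet/IPv4/TCP/UDP headers with the standard library only, and exposes a `connections()` helper whose `source`, `destination`, `show_port` and `simplify` parameters are assumed to behave like the ones used above (filter by IP, include ports, collapse duplicates). The hosts and ports in the sample are made up.

```python
"""Minimal pcap connection summary (illustrative code added to this README).

Not aptdetector's implementation. Parses classic pcap (not pcapng), Ethernet
link type only, and only IPv4 TCP/UDP; checksums are not validated, which a
real sniffer should do before trusting the headers.
"""
import socket
import struct

PCAP_MAGIC = 0xA1B2C3D4
LINKTYPE_ETHERNET = 1


def _ipv4_frame(src, dst, proto, sport, dport, payload=b""):
    """Build Ethernet + IPv4 + TCP/UDP bytes with zeroed checksums."""
    if proto == 6:  # TCP: ports, seq, ack, data offset (5 words), SYN, window, csum, urg
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 65535, 0, 0)
    else:  # UDP: ports, length, checksum
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    l4 += payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    eth = b"\x00\x11\x22\x33\x44\x55" + b"\x66\x77\x88\x99\xaa\xbb" + b"\x08\x00"
    return eth + ip + l4


def build_pcap(frames):
    """Wrap raw frames in a little-endian classic pcap file."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1_600_000_000 + i, 0, len(frame), len(frame)) + frame
    return out


# Constructed sample traffic: two LAN hosts talking to one external IP, one DNS query.
SAMPLE_PCAP = build_pcap([
    _ipv4_frame("192.168.204.136", "173.244.195.17", 6, 49152, 443),
    _ipv4_frame("173.244.195.17", "192.168.204.136", 6, 443, 49152),
    _ipv4_frame("192.168.204.136", "173.244.195.17", 6, 49153, 443),
    _ipv4_frame("192.168.204.136", "173.244.195.17", 6, 49154, 8080),
    _ipv4_frame("192.168.204.137", "192.168.204.2", 17, 53001, 53),
    _ipv4_frame("173.244.195.17", "192.168.204.137", 6, 80, 50000),
])


def parse_pcap(data):
    """Yield (src_ip, sport, dst_ip, dport, proto) for every IPv4 TCP/UDP frame."""
    magic, = struct.unpack("<I", data[:4])
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == 0xD4C3B2A1:  # same magic written big-endian
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not supported here)")
    linktype, = struct.unpack(endian + "I", data[20:24])
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("only the Ethernet link type is handled")
    off = 24
    while off + 16 <= len(data):
        _, _, incl_len, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # skip ARP, IPv6 and truncated frames
        ihl = (frame[14] & 0x0F) * 4
        proto = frame[23]
        src = socket.inet_ntoa(frame[26:30])
        dst = socket.inet_ntoa(frame[30:34])
        l4 = frame[14 + ihl:]
        if proto in (6, 17) and len(l4) >= 4:
            sport, dport = struct.unpack("!HH", l4[:4])
            yield src, sport, dst, dport, proto


def connections(data, source=None, destination=None, show_port=True, simplify=True):
    """Summarise flows, optionally filtered by source or destination IP.

    show_port keeps ports in the output; simplify collapses duplicates and sorts.
    These semantics are an assumption about BaseSniffer.connections, not a copy of it.
    """
    rows = []
    for src, sport, dst, dport, proto in parse_pcap(data):
        if source and src != source:
            continue
        if destination and dst != destination:
            continue
        name = {6: "tcp", 17: "udp"}[proto]
        if show_port:
            rows.append(f"{name} {src}:{sport} -> {dst}:{dport}")
        else:
            rows.append(f"{name} {src} -> {dst}")
    return sorted(set(rows)) if simplify else rows


if __name__ == "__main__":
    for line in connections(SAMPLE_PCAP, source="173.244.195.17"):
        print(line)
    for line in connections(SAMPLE_PCAP, destination="173.244.195.17", show_port=False):
        print(line)
```

Running it lists the two flows sent by 173.244.195.17 and then a single collapsed `tcp 192.168.204.136 -> 173.244.195.17` line for the three packets that host sent to it; pass `simplify=False` to see each packet separately. To run it over a real capture, replace `SAMPLE_PCAP` with the bytes of a classic pcap file (Wireshark and tcpdump can both save that format).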

You can check out the Stages if you want to get a sense of the project roadmap.

Disclaimer

Please do not use this program in production! It is an educational project only.

References

I've based my work loosely on some respected papers, which I've linked below:

Gaps

Found something missing in aptdetector? Is something broken in aptdetector? If you are very motivated, submit a Pull Request. Otherwise, submit a short feature request on the Issues page, and we will figure something out.