PA Toolkit - A Collection of Traffic Analysis Plugins Focused on Security


PA Toolkit is a collection of traffic analysis plugins that extend the functionality of Wireshark from a micro-analysis tool and protocol dissector to a macro analyzer and threat hunter. PA Toolkit contains plugins (both dissectors and taps) covering various scenarios for multiple protocols, including:
  • WiFi (WiFi network summary, Detecting beacon, deauth floods etc.)
  • HTTP (Listing all visited websites, downloaded files)
  • HTTPS (Listing all websites opened on HTTPS)
  • ARP (MAC-IP table, Detect MAC spoofing and ARP poisoning)
  • DNS (Listing DNS servers used and DNS resolution, Detecting DNS Tunnels)
The project is under active development and more plugins will be added in the near future.
This material was created while working on the "Traffic Analysis: TSHARK Unleashed" course. Those interested can check the course here: https://www.pentesteracademy.com/course?id=42

Installation
Steps:
  1. Copy the "plugins" directory to the Wireshark plugins directory.
  2. Start Wireshark. :)
One can get the location of the Wireshark plugins directory by checking Help > About Wireshark > Folders.



Tool featured at

Author
Under the guidance of Mr. Vivek Ramachandran, CEO, Pentester Academy


Documentation
For more details refer to the "PA-Toolkit.pdf" PDF file. This file contains the slide deck used for presentations.


Screenshots
PA Toolkit after installation


List of websites visited over HTTP


Search functionality


Domain to IP mappings