把 Wireshark/tshark 封装成结构化 MCP Tools：让智能体对 PCAP 做过滤、时间线、下钻、会话跟踪与导表，输出可控且安全可审计。 Turn Wireshark/tshark into structured MCP tools for PCAP troubleshooting: filtering, timelines, drill-down, session follow, and packet list exports with controlled output and safety boundaries.

Analysis and Visualization of network traffic from data centres based on trace.pcap file.

I do not know what I am doing yet! But it is my research!

AirSentinel is a Python-based cross-platform tool with a PyQt5 GUI for live Wi-Fi scanning and offline PCAP analysis. It detects network details, assigns risk levels, and exports results in JSON, Markdown, or PDF, making it valuable for cybersecurity research and testing.

A comprehensive web application for replaying network packet capture (PCAP) files using tcpreplay. Built with React frontend, Flask backend, and fully containerized with Docker.

Network Traffic Analysis using Wireshark to detect Redline Stealer C2 communications. Includes PCAP analysis, IOCs, and incident report.

A command-line companion for in-depth network traffic analysis, enabling security insights and statistical overview from PCAP files.

Sniffing network traffic with Python for real-time or PCAP analysis.

AEGIS-Omega is a high-performance, hybrid multi-layer Intrusion Detection System (IDS). It features a 4-layer detection strategy—Signature Analysis, Autoencoder Anomaly Detection, BiLSTM Deep Learning, and Ensemble Fusion—to identify attack types with 95% F1-score. Includes a FastAPI backend, React dashboard, and PCAP,Netflow analysis.

Machine learning-enhanced DNS tunneling detection system achieving 100% accuracy across multiple tunneling tools

PCAP-based analysis of CryptoLocker and Word-Dropper malware samples using Wireshark and REMnux. Focus on DNS, HTTP, and TLS artifacts to identify adversary behavior and exfiltration attempts.

Professional VoIP diagnostic tool - Analyzes PCAP files and detects one-way audio, NAT issues, call quality problems

GREP for PCAP files

A lightweight packet analyzer tool featuring a user-friendly GUI interface using Npcap and wxWidgets.

Demonstrating a man-in-the-middle (MITM) attack using ARP spoofing on three Kali Linux VMs in VirtualBox. The attacker (Kali 1) intercepts ping traffic between two victims (Kali 2 and Kali 3) with Ettercap, captures it with Wireshark, and analyzes the PCAP to verify redirection.

Blue Team CTF: Recovered deleted security footage from a .pcap file using Wireshark, Python, and FFmpeg. Demonstrates real-world forensic skills in network packet analysis, MJPEG stream extraction, and flag hunting. Challenge from TryHackMe's “Security Footage” room.

AI-Powered Anomaly Detection System for Network Security. Features a real-time data pipeline for raw PCAP traffic and ML models (Decision Tree, Random Forest, TensorFlow MLP) for detecting attacks.

ShadowParse is a high-fidelity PCAP forensics engine designed for automated deep packet inspection and cryptographic discovery. Developed to streamline CTF investigations and network traffic analysis, it features the DeepRead Integration for recursive decoding of obfuscated payloads.

Files and Writeup-ish for CERT-SE CTF 2025

A high-performance cybersecurity system benchmarking SQLi/XSS detection (99.9% accuracy on CICIDS2017) and featuring a custom Docker-based stress testing pipeline for real-world validation.