Skip to content
/ scapy_tls_example Public

Sniffing and decrypting TLS traffic with scapy example

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

PollyP/scapy_tls_example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
scapy_tls_example.py
scapy_tls_example.py
 
 

Repository files navigation

scapy_tls_example

This example script connects to a HTTPS server while generating a NSS keys file, and sniffs the resulting traffic using Scapy. Then the sniffed traffic is turned into Scapy TLS layers while applying the NSS keys to decrypt the traffic. This example code works with TLS 1.2 only.

requirements

This code requires a recent version of Python3 and Scapy 2.5 or greater. You can get Scapy at https://scapy.net/. Documentation for Scapy is here: https://scapy.readthedocs.io/en/latest.

useful references

Much of the example code comes from the "Decrypt Manually" section of https://github.com/secdev/scapy/blob/master/doc/notebooks/tls/notebook3_tls_compromised.ipynb.

setting up the HTTPS server

I tested against a local HTTPS server; details (and thanks) to this gist: https://gist.github.com/dergachev/7028596.

license

This example code is released under the terms of the MIT license. Copyright 2023 P.S. Powledge

About

Sniffing and decrypting TLS traffic with scapy example

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages