AI-powered network packet analyzer that detects C2 communication, data exfiltration, and lateral movement from pcap or tcpdump output.
This tool is designed for security professionals who want to augment their workflows with AI-driven intelligence, reducing manual analysis time and surfacing actionable insights faster.
- AI-Driven Analysis — Leverages GPT-4.1 for deep contextual reasoning beyond simple pattern matching.
- Rich Terminal Output — Color-coded, structured output with tables and formatted Markdown.
- Flexible Input — Accepts files, stdin pipes, and direct arguments for seamless workflow integration.
- MITRE ATT&CK Integration — Maps findings to the ATT&CK framework where applicable.
- Actionable Output — Every analysis includes concrete remediation and response recommendations.
```bash
git clone https://github.com/rawqubit/ai-packet-analyzer.git
cd ai-packet-analyzer
pip install -r requirements.txt
export OPENAI_API_KEY="your-api-key-here"
```

```bash
python main.py analyze-pcap capture.pcap --focus "C2 detection"
tcpdump -r capture.pcap -n | python main.py analyze-text -
python main.py analyze-text tshark_output.txt
```

Run `python main.py --help` for full usage information.
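The `tcpdump -r capture.pcap -n | ... analyze-text -` pipeline above feeds raw tcpdump text to the model. As an added example (this is not code from the ai-packet-analyzer project), the script below parses that same `tcpdump -n` line format and applies three deterministic heuristics for the categories the tool reports on: near-constant connection intervals to one external host (C2 beaconing), large internal-to-external payload volume (exfiltration), and one internal host hitting admin ports on several peers (lateral movement). The thresholds, the admin-port list, the RFC 1918 definition of "internal", and the sample packet lines are constructed assumptions, not values from the project. A pre-filter like this is useful for deciding which captures merit an API round-trip and for checking the model's findings against something reproducible.

```python
"""Triage tcpdump -n text output with simple, explainable heuristics.

Added example, not part of ai-packet-analyzer. Thresholds and the sample
capture below are constructed for illustration.
"""
import ipaddress
import re
import statistics
from collections import defaultdict

# One tcpdump -n line (TCP or UDP): timestamp, endpoints, trailing payload length.
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+) IP (?P<src>[\d.]+)\.(?P<sport>\d+) > "
    r"(?P<dst>[\d.]+)\.(?P<dport>\d+): .*?length (?P<length>\d+)"
)
# Assumed set of remote-administration ports used for the lateral-movement check.
ADMIN_PORTS = {22, 135, 445, 3389, 5985, 5986}
# "Internal" here means RFC 1918 only; ipaddress.is_private would also cover
# the documentation ranges used in the sample, which is not what we want.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_line(line):
    """Return a packet dict for one tcpdump line, or None if it does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    h, mi, s = m.group("ts").split(":")
    return {
        "ts": int(h) * 3600 + int(mi) * 60 + float(s),
        "src": m.group("src"), "sport": int(m.group("sport")),
        "dst": m.group("dst"), "dport": int(m.group("dport")),
        "length": int(m.group("length")),
    }


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def find_beacons(packets, min_hits=4, max_jitter=0.15):
    """Flows (src, dst, dport) whose inter-packet gaps are nearly constant.

    Periodicity is judged by coefficient of variation (stdev / mean) of the gaps.
    """
    flows = defaultdict(list)
    for p in packets:
        flows[(p["src"], p["dst"], p["dport"])].append(p["ts"])
    hits = []
    for key, times in flows.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean > 0 and statistics.pstdev(gaps) / mean < max_jitter:
            hits.append({"flow": key, "interval_s": round(mean, 2), "count": len(times)})
    return hits


def find_exfil(packets, min_bytes=500_000):
    """Internal -> external pairs whose summed payload reaches min_bytes."""
    volume = defaultdict(int)
    for p in packets:
        if is_internal(p["src"]) and not is_internal(p["dst"]):
            volume[(p["src"], p["dst"])] += p["length"]
    return [{"pair": k, "bytes": v} for k, v in volume.items() if v >= min_bytes]


def find_lateral(packets, min_peers=3):
    """Internal hosts contacting admin ports on at least min_peers distinct internal peers."""
    peers = defaultdict(set)
    for p in packets:
        if is_internal(p["src"]) and is_internal(p["dst"]) and p["dport"] in ADMIN_PORTS:
            peers[p["src"]].add(p["dst"])
    return [{"host": h, "peers": sorted(s)} for h, s in peers.items() if len(s) >= min_peers]


def triage(lines):
    packets = [p for p in (parse_line(l) for l in lines) if p]
    return {"beacons": find_beacons(packets), "exfil": find_exfil(packets), "lateral": find_lateral(packets)}


# Constructed sample in tcpdump -n format (not a real capture).
SAMPLE = """\
10:00:00.000000 IP 10.0.0.5.49152 > 203.0.113.7.443: Flags [S], seq 1, win 64240, length 0
10:01:00.100000 IP 10.0.0.5.49153 > 203.0.113.7.443: Flags [S], seq 2, win 64240, length 0
10:02:00.050000 IP 10.0.0.5.49154 > 203.0.113.7.443: Flags [S], seq 3, win 64240, length 0
10:03:00.120000 IP 10.0.0.5.49155 > 203.0.113.7.443: Flags [S], seq 4, win 64240, length 0
10:04:00.080000 IP 10.0.0.5.49156 > 203.0.113.7.443: Flags [S], seq 5, win 64240, length 0
10:05:10.000000 IP 10.0.0.9.50000 > 198.51.100.20.443: Flags [P.], seq 1:1449, ack 1, win 501, length 1448
10:05:10.010000 IP 10.0.0.9.50000 > 198.51.100.20.443: Flags [P.], seq 1449:600001, ack 1, win 501, length 598552
10:06:00.000000 IP 10.0.0.12.51000 > 10.0.0.21.445: Flags [S], seq 1, win 64240, length 0
10:06:01.000000 IP 10.0.0.12.51001 > 10.0.0.22.445: Flags [S], seq 1, win 64240, length 0
10:06:02.000000 IP 10.0.0.12.51002 > 10.0.0.23.3389: Flags [S], seq 1, win 64240, length 0
10:06:03.000000 IP 10.0.0.12.51003 > 10.0.0.24.5985: Flags [S], seq 1, win 64240, length 0
10:07:00.000000 IP 10.0.0.5.5353 > 224.0.0.251.5353: UDP, length 45
"""

if __name__ == "__main__":
    import json
    print(json.dumps(triage(SAMPLE.splitlines()), indent=2))
```

To run it against a real capture, replace `SAMPLE.splitlines()` with `sys.stdin` and pipe `tcpdump -r capture.pcap -n` into it, exactly as the README does for `analyze-text -`. The beacon check keys on destination host and port rather than the full 5-tuple because each beacon is typically a new connection with a fresh source port; the jitter threshold is deliberately loose, since real implants add randomised sleep.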
- Python 3.9+
- OpenAI API key (set as the `OPENAI_API_KEY` environment variable)
MIT License — see LICENSE for details.