Violent-Python-Examples/Chapter-4/7-testFastFlux.py at master · xalgorithm/Violent-Python-Examples

30 lines (23 loc) · 709 Bytes

#!/usr/bin/python
# -*- coding: utf-8 -*-
from scapy.all import *
dnsRecords = {}
def handlePkt(pkt):
    if pkt.haslayer(DNSRR):
        rrname = pkt.getlayer(DNSRR).rrname
        rdata = pkt.getlayer(DNSRR).rdata
        if dnsRecords.has_key(rrname):
            if rdata not in dnsRecords[rrname]:
                dnsRecords[rrname].append(rdata)
        else:
            dnsRecords[rrname] = []
            dnsRecords[rrname].append(rdata)
def main():
    pkts = rdpcap('fastFlux.pcap')
    for pkt in pkts:  
        handlePkt(pkt)
    for item in dnsRecords:
        print '[+] '+item+' has '+str(len(dnsRecords[item])) \
            + ' unique IPs.'
if __name__ == '__main__':

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FilesExpand file tree

7-testFastFlux.py

Latest commit

History

7-testFastFlux.py

File metadata and controls