Have you ever wondered what could be passing or lurking in your network traffic? Four cybersecurity enthusiasts sought to learn and expand WireShark's(a popular network packet sniffer) capabilities by implementing it in GoLang and including vulnerability reporting. Drumroll everyone and please welcome GoShark!
What it does
GoShark uses a command line interface to prompt you to choose a network source, capture network packets, and produce a sleek vulnerability report. In a matter of minutes, you can watch what your internet requests can reveal.
How we built it
GoShark is written in GoLang. You may be wondering, how did we tell a language to capture some packets?
- Ask the user which network interface we can connect to
- Use a handy gopacket interface to capture packets
- Parse input using logical expressions and output to a file
- Send output file to a LaTeX formatter
- Read over final product!
Challenges we ran into
- Cross compatability across different operating systems: Windows, Linux, Mac
- Using some hard brain logic to parse network packets
- Gathering network data to create fleshed out information
- Formatting LaTeX tables to include our overflow of vulnerability notes
Accomplishments that we're proud of
Translating everyday network packets into meaningful security-related information!
What we learned
GoLang #pcap #Networks #RegEx #LaTeX #StayingUpIsHardforHalfofUs #StayingUpIsEasyforHalfofUs
What's next for GoShark
Fixing table formatting, gathering more vulnerable protocols, migrating packet data to GCP