2022-07-26 10:58:06 +00:00
# IPGeo
2024-10-21 19:09:42 +00:00
**IpGeo** is a Python tool to extract IP addresses from captured network traffic files (pcap/pcapng) and generate reports in various formats (JSON, CSV, TXT, Markdown) containing details about the geolocation of each IP in the packets.
2022-07-26 10:58:06 +00:00
### The report contains:
2024-10-21 19:09:42 +00:00
1. Country
2. Country Code
2022-07-26 10:58:06 +00:00
3. Region
4. Region Name
5. City
2024-10-21 19:09:42 +00:00
6. District
7. Zip
8. Latitude
9. Longitude
10. Timezone
11. ISP
12. Organization
13. IP Address
2022-07-26 10:58:06 +00:00
## Installation
2024-10-21 19:09:42 +00:00
Use the package manager [pip3 ](https://pip.pypa.io/en/stable/ ) to install the required modules:
2022-07-26 10:58:06 +00:00
```bash
2024-10-21 19:09:42 +00:00
pip3 install colorama requests pyshark
2022-07-26 10:58:06 +00:00
```
2024-10-21 19:09:42 +00:00
2022-07-26 10:58:06 +00:00
If you are not using Kali or ParrotOs or any other penetration distribution you need to install Tshark.
```bash
sudo apt install tshark
```
## Usage
2024-10-21 19:09:42 +00:00
You can run the script either interactively or by using command-line arguments:
Interactive Mode
2022-07-26 10:58:06 +00:00
```bash
python3 ipGeo.py
```
2024-10-21 19:09:42 +00:00
You will be prompted to enter the captured traffic file path and the desired output format (json, csv, txt, md).
Command-Line Mode
You can also specify the pcap file and output format directly in the command line:
```bash
python3 ipGeo.py < path_to_pcap_file > --format < output_format >
```
Example:
```bash
python3 ipGeo.py /path/to/your/file.pcap --format json
```
2022-07-26 10:58:06 +00:00
## Screenshot from the script
2022-09-12 23:28:24 +00:00
