diff --git a/README.md b/README.md index 16a72fd..1b461ef 100644 --- a/README.md +++ b/README.md @@ -1,42 +1,59 @@ # IPGeo -IpGeo is a python tool to extract IP addresses from captured network traffic file (pcap/pcapng) and generate csv report containing details about the geolocation of each ip in the packets. +**IpGeo** is a Python tool to extract IP addresses from captured network traffic files (pcap/pcapng) and generate reports in various formats (JSON, CSV, TXT, Markdown) containing details about the geolocation of each IP in the packets. ### The report contains: -1. Country: -2. Country Code. +1. Country +2. Country Code 3. Region 4. Region Name 5. City -6. Zip -7. Latitude -8. Longitude -9. Timezone -10. Isp -11. Org -12. Ip +6. District +7. Zip +8. Latitude +9. Longitude +10. Timezone +11. ISP +12. Organization +13. IP Address ## Installation -Use the package manager [pip3](https://pip.pypa.io/en/stable/) to install required modules. +Use the package manager [pip3](https://pip.pypa.io/en/stable/) to install the required modules: ```bash -pip3 install colorama -pip3 install requests -pip3 install pyshark +pip3 install colorama requests pyshark ``` + If you are not using Kali or ParrotOs or any other penetration distribution you need to install Tshark. ```bash sudo apt install tshark ``` - ## Usage +You can run the script either interactively or by using command-line arguments: + +Interactive Mode + ```bash python3 ipGeo.py -# then you will enter captured traffic file path ``` + +You will be prompted to enter the captured traffic file path and the desired output format (json, csv, txt, md). + +Command-Line Mode + +You can also specify the pcap file and output format directly in the command line: + +```bash +python3 ipGeo.py --format +``` + +Example: +```bash +python3 ipGeo.py /path/to/your/file.pcap --format json +``` + ## Screenshot from the script ![ipGeo](https://user-images.githubusercontent.com/89426041/189775552-78dfb962-23ba-46e7-b1f0-3e31ef54ebd3.png) -