Script parses through a pcap and looks for common SQL inject characteristics

Brief Description Simple python script that parses through a pcap and looks at the GET and POST request data for suspicious and possible SQL injects. Rules to check for SQL injection can be easily added. Output can be printed neatly on the command line or in tab delimited format. The output includes: * The suspicious IP address * The attacked webpage * The parameter and value used * The frame number of the packet within the pcap (can be used to find exactly where the packet is in Wireshark) * The reason why the request was flagged Tool Usage ``` This tool parses through a pcap file and looks for potential SQL injection attempts. usage: sqlinject-finder.py -f filename [-t] Options and arguments (and corresponding environment variables): -f, --filename : valid pcap file -t, --tab : prints output in tab delimited format -h, --help : shows this screen Example: #python sqlinject-finder.py -f capture.pcap #python sqlinject-f