A Python-based network security tool that captures and analyzes live network traffic, identifies social media platform activity, and flags potential threats in real time.
- Captures live network packets on a specified interface
- Identifies and filters traffic from major social media platforms (Instagram, Twitter/X, Facebook, etc.)
- Analyzes packet metadata for anomalies and threat indicators
- Flags suspicious patterns such as unusual data volumes, port scanning, and unauthorized requests
- Outputs a real-time threat log with severity classification
| Tool | Purpose |
|---|---|
| Python 3 | Core language |
| Scapy | Packet capture and analysis |
| Socket | Network interface handling |
| Linux | Target OS for packet capture |
- Linux OS (tested on Ubuntu)
- Python 3.x installed
- Root/sudo privileges (required for raw packet capture)
pip install scapysudo python3 sniffer.pysudo python3 sniffer.py --interface eth0socialmediapacketsniffer/
│
├── sniffer.py # Main packet capture engine
├── analyzer.py # Threat analysis and classification logic
├── platforms.py # Social media IP/domain mapping
├── logger.py # Real-time threat logging
└── README.md
[INFO] Capturing on interface: wlan0
[INFO] Packet #1042 — Instagram CDN traffic detected
[WARN] Unusual data volume from 192.168.1.105 → flagging for review
[ALERT] Possible port scan detected from external IP: 103.21.244.0
[INFO] Threat log saved to: threat_log_2025.txt
- Network intrusion detection on local systems
- Monitoring unauthorized social media access on restricted networks
- Educational demonstration of packet-level network analysis
- Foundation for more advanced IDS (Intrusion Detection System) development
This tool is intended for educational and authorized network monitoring purposes only. Do not use on networks you do not own or have explicit permission to monitor.
Ashlin George
