Phishing Traffic Analysis and Malware Presence Confirmation using Wireshark and Scapy

Malware Traffic Analysis

Introduction

Phishing is a common form of cyberattack where users are tricked into revealing sensitive information such as login credentials through fake websites. These attacks are often delivered via malicious emails containing deceptive links.

In this work, a real-world phishing traffic capture (PCAP file) was analyzed using Wireshark and Scapy. The goal is to identify malicious activity, reconstruct the phishing workflow, and confirm malware presence through packet-level evidence and network behavior analysis.

Objectives

To analyze phishing traffic using Wireshark
To extract HTTP requests and credentials using Scapy
To confirm malware presence through packet-level evidence
To study traffic behavior using graphs and throughput analysis

PCAP Source Link

PCAP file obtained from: https://www.malware-traffic-analysis.net/2024/08/29/index.html

PCAP Description

The PCAP file contains network traffic generated from a phishing...