How can I find IP and MAC address of attacker and victims from .pcap , which is capture from a man-in-the-middle attack!(IT-forensics).

I will be very thankful for your ansewr!

Under what condition do you suspect this mitm attack? if its a fake router or wifi point then comparing where your packet is comming from to where your router/modem claims it is comming from would be the easiest way. Otherwise there is no great catch-all for this attack.

Hi sir thanks for answer, itwas from wifi point.
Can you explain more please how can I find the ip of attacker?

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.