I have captured a .pcap file for a webpage and I have read it through scapy with Python. I was wondering if there is a way to determine the direction of a packet. I am trying to perform fingerprinting on Tor to see how it works.
PS: I am really new to scapy so I am unsure if there is a direct method. I would really appreciate the help.
You cannot use scapy to collect traffic on a direction directly. If you want to do that, use tcpdump or tshark with the -Q in or -Q out.
What you can likely do is look at the contents of a packet and see which MAC/IP address or TCP/UDP port is sender/receiver for the protocol you're looking at. For example, if you see traffic destined for port 80, and you have a webserver (and other destination information matches), then that's incoming traffic.
Keep in mind that you can sniff in scapy with a BPF filter, but that traffic direction is outside of that, and filtering by one of the above will work better.
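An added example (not part of the answer above) of the address-comparison approach it describes: each packet is labelled by comparing its source and destination IP with the capturing host's address, giving a signed-length trace. The function names, the `local_ip` parameter and the sample addresses are assumptions made for illustration; the sample records are constructed.

```python
def direction(src, dst, local_ip):
    """+1 = sent by the capturing host, -1 = received by it, 0 = undetermined."""
    if src == local_ip and dst != local_ip:
        return 1
    if dst == local_ip and src != local_ip:
        return -1
    return 0  # neither endpoint is local, or host talking to itself


def signed_trace(records, local_ip):
    """records: iterable of (src, dst, length) tuples.

    Returns signed lengths (+ outgoing, - incoming), skipping packets
    whose direction cannot be determined from the addresses.
    """
    trace = []
    for src, dst, length in records:
        d = direction(src, dst, local_ip)
        if d:
            trace.append(d * length)
    return trace


def records_from_pcap(path):
    """Yield (src, dst, length) for every IPv4/IPv6 packet in a capture file."""
    # Imported lazily so the functions above can be used without scapy installed.
    from scapy.all import rdpcap, IP, IPv6
    for pkt in rdpcap(path):
        layer = IP if IP in pkt else IPv6 if IPv6 in pkt else None
        if layer is not None:  # ARP and other non-IP frames carry no IP addresses
            yield pkt[layer].src, pkt[layer].dst, len(pkt)


# Constructed sample: capturing host 10.0.0.5 talking to one remote relay.
SAMPLE = [
    ("10.0.0.5", "198.51.100.7", 583),    # outgoing
    ("198.51.100.7", "10.0.0.5", 1448),   # incoming
    ("198.51.100.7", "10.0.0.5", 1448),   # incoming
    ("10.0.0.9", "10.0.0.255", 92),       # another host's broadcast: skipped
    ("10.0.0.5", "198.51.100.7", 66),     # outgoing
]

if __name__ == "__main__":
    print(signed_trace(SAMPLE, "10.0.0.5"))
    # With a real capture: signed_trace(records_from_pcap("capture.pcap"), "10.0.0.5")
```

If the capture was taken behind NAT or on a different machine than the client, `local_ip` must be the client's address as it appears in the capture, not its public address.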