#Pcap
Showing 52 of 52 repositories tagged #pcap, ranked by stars
Comfortably monitor your Internet traffic ๐ต๏ธโโ๏ธ
Scapy: the Python-based interactive packet manipulation program & library.
eBPF-powered network observability for Kubernetes. Indexes L4/L7 traffic with full K8s context, decrypts TLS without keys. Queryable by AI agents via MCP and humans via dashboard.
jq for binary formats - tool, language and decoders for working with binary and text formats
A terminal UI for tshark, inspired by Wireshark
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
Arkime is an open source, large scale, full packet capturing, indexing, and database system.
๐ธ Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! ๐งโโ๏ธ
No-root network monitor, firewall and PCAP dumper for Android
Network Analysis Tool
the TCPdump network dissector
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
HOMER - 100% Open-Source SIP, VoIP, RTC Packet Capture & Monitoring
:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
Process-aware, eBPF-based tcpdump
NFStream: a Flexible Network Data Analysis Framework.
โญ โญ Use ML to classify flows and packets as benign or malicious. โญ โญ
Ncurses SIP Messages flow viewer
Malcom - Malware Communications Analyzer
A Software Probe for network packet capturing and forwarding in Cloud/Kubernetes and Virtualized environment.
Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Network packet and pcap file crafting/sniffing/manipulation/visualization security tool. Originally forked from scapy in 2015 and providing python3 compatibility since then.
๐ค A modern alternative network traffic sniffer.
Tenzir is the data pipeline engine for security teams.
Grab your DNS logs, detect anomalies, and finally understand what's happening on your network. The missing piece between DNS servers and your data stack.
tcpterm is a packet visualizer in TUI.
Poseidon is a python-based application that leverages software defined networks (SDN) to acquire and then feed network traffic to a number of machine learning techniques. The machine learning algorithms classify and predict the type of device.
CLI - Analyze WPA/WPA2 handshakes from FlipperZero's captured .pcaps to find out the WiFi Passwords.
Passive DNS Capture and Monitoring Toolkit
Packet monster (ใฃโ-โ)โฎ=ออออโ ใฝ( '-'ใฝ) TUI tool for sending packets of arbitrary input and monitoring packets on any network interfaces (default: eth0). Windows/macOS/Linux
Python-based Comprehensive Network Packet Analysis Library
The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit unlike most frameworks out there does not automate other peoples tools like the aircrack suite or the wifite framework, it rather has its own code and is raw source with over 270+ options. This framework might just be your everyday key to your workflow
The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
Network traffic analysis tool for Attack & Defense CTF's
PCYBOX Orbis - Real-time network traffic visualizer. Force graph, world map, anomaly detection, process attribution. Free Windows app.
(SIGCOMM '22) Practical GAN-based Synthetic IP Header Trace Generation using NetShare
Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
A Go library for accessing the IEX Developer API.
Packet communication investigator
Scripts to help to detect anomalies in pcap file. Anomaly Detection using tensorflow and tshark.
Rust library for obtaining and sending raw network packets from interfaces.
Simple CLI MITM tool that transforms SOCKS4/SOCKS5 proxy into HTTP/HTTPS/HTTP2/HTTP3 proxy with IPv4/IPv6 support for TCP/UDP Transparent Proxy (Redirect and TProxy), Proxychains, ARP/NDP/RA/RDNSS spoofing, RA Guard evasion, DNS spoofing, DNS filtering and Traffic Capture/Sniffing. No CGO, no libpcap, pure Go with minimum third-party dependencies.
Network inspection library for Node
Fluere is a powerful and versatile tool designed for network monitoring and analysis. It is capable of capturing network packets in pcap format and converting them into NetFlow data, providing a comprehensive view of network traffic. It also Provides Terminal User Interface.
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
ICMPWatch: ICMP Packet Sniffer
PCAP-over-IP server written in Golang
Squey is an open-source cross-platform visualization software designed to interactively explore and understand large amounts of tabular data (this is the read-only mirror of https://gitlab.com/squey/squey)
This program allow you to extract some features from pcap files.
heiFIP: A tool to convert network traffic into images for ML use cases
SNORT GUI: sniff sniffs the baddies and helps you setup SNORT ids in your network
Self-hosted PCAP analysis platform with LLM-powered incident triage, signature-based threat detection, and AI-generated incident narratives. Features network change monitoring across captures, deep packet inspection via nDPI, and automated Wireshark filter generation. Runs fully offline with local LLMs (Ollama, LM Studio).