Awesome PCAPTools

A collection of tools developed by other researchers in the Computer Science area to process network traces. All rights reserved to the original authors.

Last Update: Aug. 7, 2022, 10:08 p.m.

Thank you caesar0301 & contributors
View Topic on GitHub:
caesar0301/awesome-pcaptools

Distributed tcpdump for cloud native environments

654
29
24d
Apache-2.0

ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

613
85
11m
n/a

A wrapper/facade/whatever to enable/ease the use of jNetPcap (a libpcap based packet sniffing lib) in Clojure

62
30
3y 5m
n/a

A toolset for network packet capture in cloud/Kubernetes and virtualized environments.

880
154
9m
BSD-3-Clause

OpenFPC, Open Source Full Packet Capture

62
11
3y 6m
n/a

Official repository - Fully managed, cross platform (Windows, Mac, Linux) .NET library for capturing packets

891
231
71d
LGPL-3.0

Network Analysis Tool

1.9K
220
9m
GPL-3.0

Malicious HTTP traffic explorer

666
164
1y 9m
GPL-3.0

Protocol Analysis/Decoder Framework

450
117
2y 4m
n/a

fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols

848
230
10m
n/a

A multi-threaded tool to sniff TCP flow statistics and embedded HTTP headers from a PCAP file. Each TCP flow carrying HTTP is exported to a text file in JSON format.

167
49
3y 7m
n/a

Ipsumdump and other programs for command-line network trace manipulation.

27
10
1y 8m
n/a

A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.

1.1K
295
2y 4m
n/a

A high level C++ network packet sniffing and crafting library.

272
83
2y 24d
n/a

A portable framework for low-level network packet construction

680
225
12m
BSD-2-Clause

NFStream: a Flexible Network Data Analysis Framework.

729
76
9m
LGPL-3.0

A tool that provides a basic SQL-frontend to PCAP-files

369
49
9m
GPL-3.0

A converter from .pcap network capture files to HTTP Archive files.

209
68
4y 46d
BSD-2-Clause

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, WinPcap, DPDK and PF_RING.

1.72K
446
5m
Unlicense

A simple utility to classify packets into flows. It's so simple that only one task is aimed to finish. For Deep Packet Inspection or flow classification, it's so common to analyze the feature of one specific flow. I have made the attempt to use ready-made tools like tcpflows, tcpslice, tcpsplit, but all these tools try to either decrease the trace volume (under requirement) or reassemble the packets into flow payloads (over requirement). I have not found a simple tool to classify the packets into flows without further processing. This is why this program was born.

125
45
3y 4m
MIT

Potiron - Normalize, Index and Visualize Network Capture

71
20
3y 5m
n/a

Automatically exported from code.google.com/p/socket-sentry

1
1
3y 7m
GPL-3.0

TCP/IP packet demultiplexer. Download from:

1.37K
224
6m
GPL-3.0

Pcap editing and replay tools for *NIX and Windows - Users please download source from

846
226
5m
n/a

High bandwidth for high-latency TCP connections

4
2
1y 60d
n/a

split a pcap file into smaller files on TCP flow boundaries

3
2
6y 0d
n/a

tcptrace is a tool written by Shawn Ostermann at Ohio University, for analysis of TCP dump files.

58
24
5y 4m
n/a

Process HTTP Pcaps With YARA

81
26
9y 12d
n/a

Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.

91
12
7y 9m
n/a

An any-snarf program that processes application protocols (HTTP/FTP/...) from tcpdump or snoop files and stores session and file data

186
42
11m
n/a

Foremost is a console program to recover files based on their headers, footers, and internal data structures. c.f., http://foremost.sourceforge.net/

28
8
9y 7m
n/a

'Packet Capture Forensic Evidence eXtractor' is a tool that finds and extracts files from packet capture files

192
40
2y 5m
Apache-2.0

Scalpel is an open source data carving tool. It is not being actively maintained.

471
87
1y 4m
n/a

[pieces of] open source software of all time".

Capture tools

USB packet capture for Windows

596
141
1y 9m
n/a

Analysis