Awesome PCAPTools
A collection of tools developed by other researchers in the Computer Science area to process network traces. All rights reserved to the original authors.
Thank you caesar0301 & contributors
View Topic on GitHub:
caesar0301/awesome-pcaptools
Distributed tcpdump for cloud native environments
ngrep is like GNU grep applied to the network layer. It's a PCAP-based tool that allows you to specify an extended regular or hexadecimal expression to match against data payloads of packets. It understands many kinds of protocols, including IPv4/6, TCP, UDP, ICMPv4/6, IGMP and Raw, across a wide variety of interface types, and understands BPF filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
A wrapper/facade to enable and ease the use of jNetPcap (a libpcap-based packet sniffing library) in Clojure
A toolset for network packet capture in Cloud/Kubernetes and virtualized environments.
OpenFPC, Open Source Full Packet Capture
Official repository - Fully managed, cross platform (Windows, Mac, Linux) .NET library for capturing packets
Network Analysis Tool
Malicious HTTP traffic explorer
Protocol Analysis/Decoder Framework
fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols
A multi-threaded tool to sniff TCP flow statistics and embedded HTTP headers from a PCAP file. Each TCP flow carrying HTTP is exported to a text file in JSON format.
Ipsumdump and other programs for command-line network trace manipulation.
A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
A high level C++ network packet sniffing and crafting library.
A portable framework for low-level network packet construction
NFStream: a Flexible Network Data Analysis Framework.
A tool that provides a basic SQL front-end to PCAP files
A converter from .pcap network capture files to HTTP Archive (HAR) files.
PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, WinPcap, DPDK and PF_RING.
A simple utility to classify packets into flows. It's so simple that only one task is aimed to be finished. For Deep Packet Inspection or flow classification, it's so common to analyze the features of one specific flow. I have made the attempt to use ready-made tools like tcpflows, tcpslice, tcpsplit, but all these tools try to either decrease the trace volume (under requirement) or reassemble the packets into flow payloads (over requirement). I have not found a simple tool to classify the packets into flows without further processing. This is why this program was born.
Potiron - Normalize, Index and Visualize Network Capture
Automatically exported from code.google.com/p/socket-sentry
TCP/IP packet demultiplexer. Download from:
Pcap editing and replay tools for *NIX and Windows - Users please download source from
High bandwidth for high-latency TCP connections
split a pcap file into smaller files on TCP flow boundaries
tcptrace is a tool written by Shawn Ostermann at Ohio University, for analysis of TCP dump files.
Process HTTP Pcaps With YARA
Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.
An any-snarf program that processes application protocols (HTTP/FTP/...) from tcpdump or snoop files and stores session and file data
Foremost is a console program to recover files based on their headers, footers, and internal data structures. Cf. http://foremost.sourceforge.net/
'Packet Capture Forensic Evidence eXtractor' is a tool that finds and extracts files from packet capture files
Scalpel is an open source data carving tool. It is not being actively maintained.
Capture tools
USB packet capture for Windows
Analysis
A set of scripts to unpack odin packets into separate files
Hadoop library to read packet capture (PCAP) files