Linux commands<a name="linuxcmds"></a>
19 projectsCapture<a name="capture"></a>
14 projects
Deepfence PacketStreamerDistributed tcpdump for cloud native environments, capturing and streaming network packets from multiple hosts to a central receiver.
clj-net-pcapA Clojure wrapper for jNetPcap that simplifies packet capturing and network traffic analysis.
Netis Packet AgentA software probe for capturing and forwarding network packets in cloud, Kubernetes, and virtualized environments.
OpenFPCA lightweight full-packet network traffic recorder and buffering tool for commodity hardware.
PCAPdroidA no-root Android app for monitoring, analyzing, and blocking app network traffic with PCAP export and TLS decryption.
pmacctA lightweight suite of passive network monitoring tools supporting NetFlow, sFlow, IPFIX, libpcap, and BGP telemetry.
sharppcapA fully managed, cross-platform .NET library for capturing network packets from live devices and files.
Analysis/Inspection<a name="analysis"></a>
56 projects
BruteSharkA Network Forensic Analysis Tool (NFAT) for deep inspection of PCAP files and live traffic, extracting credentials, building network maps, and reconstructing sessions.
CapTipperA Python tool to analyze, explore, and revive malicious HTTP traffic from PCAP files for security research.
chopshopA Python framework for creating protocol decoders and detectors to analyze APT tradecraft in network traffic.
DPKTA Python library for fast packet creation and parsing with definitions for basic TCP/IP protocols.
EttercapA comprehensive suite for man-in-the-middle attacks, featuring live connection sniffing, content filtering, and protocol dissection.
HttpSnifferA multi-threading tool to sniff TCP flow statistics and extract HTTP headers from live traffic or PCAP files.
JoyA libpcap-based package for extracting and analyzing network flow data in JSON format for security research and monitoring.
libcrafterA high-level C++ library for crafting, decoding, and sniffing network packets with a Scapy-like interface.
LibnetA portable C library for constructing and injecting network packets at IP and link layers.
nfdumpA suite of tools for collecting, processing, and analyzing NetFlow, IPFIX, and sFlow data from network devices.
NFStreamA flexible Python framework for fast network flow data analysis, offering encrypted application identification, statistical feature extraction, and extensibility via plugins.
packemonA cross-platform TUI tool for generating arbitrary network packets and monitoring traffic on any interface.
PacketQA command-line tool that runs SQL queries directly on PCAP files and includes a built-in web server for remote inspection.
PcapPlusPlusA multiplatform C++ library for capturing, parsing, and crafting network packets with wrappers for libpcap, DPDK, and PF_RING.
pkt2flowA cross-platform utility that classifies network packets into flows using the essential 4-tuple (src_ip, dst_ip, src_port, dst_port).
potironA tool to normalize, index, enrich, and visualize network packet captures (pcap) using Redis and interactive web graphics.
tcpflowA TCP/IP packet demultiplexer that captures and reconstructs TCP connections into separate files for protocol analysis and forensics.
tcpreplayA suite of utilities for editing and replaying previously captured network traffic (pcap files) on Unix and Windows systems.
yaraPcapA Python tool that extracts HTTP streams from PCAP files and scans them with YARA rules for security analysis.
DNS Utilities <a name="dnstools"></a>
5 projectsFile Extraction<a name="fileextraction"></a>
9 projects
ChaosreaderA Perl tool that extracts and reassembles application sessions and files from network packet captures for analysis and replay.
pcapfexA Python tool that finds and extracts files from packet capture (pcap) files for forensic analysis.