usbpcap by desowin

USB packet capture for Windows

created at Feb. 23, 2013, 10:47 p.m.

C

73 +0

926 +2

173 +0

GitHub
ipsumdump by kohler

Ipsumdump and other programs for command-line network trace manipulation.

created at Jan. 26, 2013, 4:53 p.m.

C++

6 +0

37 +0

10 +0

GitHub
foremost by jonstewart

Foremost is a console program to recover files based on their headers, footers, and internal data structures. c.f., http://foremost.sourceforge.net/

created at Jan. 10, 2013, 9:08 p.m.

C

3 +0

51 +0

6 +0

GitHub
yaraprocessor by MITRECND

Yara is awesome, but sometimes you need to manipulate the data streams you're scanning in different ways.

created at Jan. 10, 2013, 6:49 p.m.

Python

26 +0

97 +0

11 +0

GitHub
pkt2flow by caesar0301

A simple utility to classify packets into flows. It's so simple that only one task is aimed to finish. For Deep Packet Inspection or flow classification, it's so common to analyze the features of one specific flow. I have made the attempt to use ready-made tools like tcpflows, tcpslice, tcpsplit, but all these tools try to either decrease the trace volume (under requirement) or reassemble the packets into flow payloads (over requirement). I have not found a simple tool to classify the packets into flows without further processing. This is why this program was born.

created at Dec. 20, 2012, 1:17 p.m.

C

13 +0

166 +0

46 +0

GitHub
http-sniffer by caesar0301

A multi-threaded tool to sniff TCP flow statistics and embedded HTTP headers from a PCAP file. Each TCP flow carrying HTTP is exported to a text file in JSON format.

created at Dec. 1, 2012, 9:58 a.m.

C

12 +0

188 +0

51 +0

GitHub
clj-net-pcap by ruedigergad

A wrapper/facade/whatever to enable/ease the use of jNetPcap (a libpcap based packet sniffing lib) in Clojure

created at Nov. 13, 2012, 8:13 p.m.

Java

7 +0

67 +0

30 +0

GitHub
libcrafter by pellegre

A high level C++ network packet sniffing and crafting library.

created at Oct. 29, 2012, 2:24 a.m.

C++

34 +0

300 +1

88 +0

GitHub
chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

Python

71 +0

489 +0

112 +0

GitHub
dpkt by kbandla

fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols

created at June 6, 2012, 6:39 p.m.

Python

51 +0

1,096 +1

271 +0

GitHub
tcpflow by simsong

TCP/IP packet demultiplexer. Download from:

created at April 1, 2012, 12:44 a.m.

C++

79 +0

1,686 +1

237 +0

GitHub
tcptrace by blitz

tcptrace is a tool written by Shawn Ostermann at Ohio University, for analysis of TCP dump files.

created at Jan. 4, 2012, 1:42 p.m.

C

12 +0

76 +0

26 +0

GitHub
hadoop-pcap by RIPE-NCC

Hadoop library to read packet capture (PCAP) files

created at Oct. 2, 2011, 12:59 p.m.

Java

40 +0

208 +0

100 +0

GitHub
PacketQ by DNS-OARC

A tool that provides a basic SQL-frontend to PCAP-files

created at Feb. 7, 2011, 3:29 p.m.

JavaScript

28 +0

395 +0

57 +0

GitHub
pcap2har by andrewf

A convertor from .pcap network capture files to HTTP Archive files.

created at July 19, 2010, 11 p.m.

Python

25 +0

237 +0

68 +0

GitHub
libnet by libnet

A portable framework for low-level network packet construction

created at Feb. 19, 2009, 12:11 a.m.

C

74 +1

907 +0

257 +1

GitHub