scalpel by sleuthkit

Scalpel is an open source data carving tool. It is not being actively maintained.

created at June 27, 2013, 4:59 p.m.

43 +0

602 +1

100 +0

chopshop by MITRECND

Protocol Analysis/Decoder Framework

created at Sept. 18, 2012, 5:51 p.m.

71 +0

487 +1

111 +0

nfstream by nfstream

NFStream: a Flexible Network Data Analysis Framework.

created at Oct. 18, 2019, 3:14 p.m.

28 +0

1,043 +1

119 +2

CapTipper by omriher

Malicious HTTP traffic explorer

created at Jan. 13, 2015, 9:05 a.m.

63 +0

698 +1

159 -9

usbpcap by desowin

USB packet capture for Windows

created at Feb. 23, 2013, 10:47 p.m.

72 +0

869 +1

165 +0

cloud-probe by Netis

A Software Probe for network packet capturing and forwarding in Cloud/Kubernetes and Virtualized environment.

created at June 22, 2018, 10:08 a.m.

31 +0

947 +0

168 +0

tcpflow by simsong

TCP/IP packet demultiplexer. Download from:

created at April 1, 2012, 12:44 a.m.

80 +0

1,644 +2

239 +1

PCAPdroid by emanuele-f

No-root network monitor, firewall and PCAP dumper for Android

created at Jan. 6, 2020, 6:11 p.m.

42 +0

1,892 +17

239 +1

PacketStreamer by deepfence

Distributed tcpdump for cloud native environments

created at March 25, 2022, 2:31 p.m.

13 +0

1,852 -3

253 +1

libnet by libnet

A portable framework for low-level network packet construction

created at Feb. 19, 2009, 12:11 a.m.

72 +0

874 -1

254 +0

tcpreplay by appneta

Pcap editing and replay tools for *NIX and Windows - Users please download source from

created at Nov. 20, 2013, 1:10 a.m.

51 +0

1,118 +5

263 +0

sharppcap by dotpcap

Official repository - Fully managed, cross platform (Windows, Mac, Linux) .NET library for capturing packets

created at May 27, 2015, 1:53 p.m.

60 +0

1,239 +3

264 +0

dpkt by kbandla

fast, simple packet creation / parsing, with definitions for the basic TCP/IP protocols

created at June 6, 2012, 6:39 p.m.

51 +0

1,061 +1

272 +0

BruteShark by odedshimon

Network Analysis Tool

created at Feb. 16, 2020, 8:58 p.m.

96 +0

2,922 +5

319 +0

joy by cisco

A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.

created at Jan. 8, 2016, 8:30 p.m.

113 +0

1,280 +2

328 +0

PcapPlusPlus by seladb

PcapPlusPlus is a multiplatform C++ library for capturing, parsing and crafting of network packets. It is designed to be efficient, powerful and easy to use. It provides C++ wrappers for the most popular packet processing engines such as libpcap, Npcap, WinPcap, DPDK, AF_XDP and PF_RING.

created at Oct. 7, 2014, 9:04 p.m.

95 +0

2,575 +3

631 +1