f18m / large-pcap-analyzer
A command-line utility program that performs some simple operations on PCAP files (Wireshark/tcpdump traces) very quickly. Allows you to manipulate very large PCAP files that cannot be easily handled with other software like Wireshark (or tshark). Supports filtering encapsulated GTPu frames. Easily extendible.
☆93Updated 4 months ago
Related projects: ⓘ
- Packet capture libraries benchmark☆32Updated 3 years ago
- Ipsumdump and other programs for command-line network trace manipulation.☆37Updated 7 months ago
- FlowScope is an oscilloscope for your network traffic. It records all traffic continuously in a ring buffer and dumps specific flows to d…☆90Updated 5 years ago
- calculate flow information from PCAP and extract tcp streams☆68Updated last month
- System for network traffic analysis and anomaly detection.☆84Updated last month
- Snort DPDK DAQ module with multiqueue support - Primarily for Napatech NICs☆28Updated 5 years ago
- Diff two or more PCAP files☆103Updated 3 years ago
- It is a platform to use multiprocess to combine dpdk and libnids together to support analyse packets in 10G port.☆38Updated 9 years ago
- User-friendly C Library to perform TCP streams reassembly and IPv4/6 defragmentation☆107Updated 6 years ago
- High Speed PCAP to JSON conversion utility☆98Updated 3 months ago
- High performance Deep Packet Inspection (DPI) framework to identify L7 protocols and extract and process data and metadata from network t…☆114Updated 3 years ago
- High level language for describing protocol parsers.☆71Updated last month
- Using nDPI/openDPI to detect flow protocols from a PCAP file or live NIC. This program was modified from example in nDPI and I added a pe…☆22Updated 8 years ago
- DPDK-Dump is able to store on disk network traffic at high speed using DPDK library.☆32Updated 9 years ago
- A fast parser for DNS pcap data.☆70Updated 7 years ago
- Network traffic classification library that requires minimal application payload☆206Updated last month
- This tool can replay a pcap capture at wire speed on several 10Gbps links.☆67Updated 4 years ago
- Plugin providing AF_XDP support for Bro.☆14Updated 3 years ago
- tcptrace is a tool written by Shawn Ostermann at Ohio University, for analysis of TCP dump files.☆76Updated 7 years ago
- Accurate, modular, scalable PCAP manipulation tool written in Go.☆85Updated 4 months ago
- Netmap tutorial at SIGCOMM 2017 and AsiaBSDCon 2018☆80Updated 5 years ago
- Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, can also remove IEEE 802.1Q (virtual lan) header. Works w…☆32Updated 5 years ago
- Documentation, sample inputs, and sample programs that use the dpkt library☆86Updated 8 years ago
- Collection of "bad" packets in PCAPs that can be used for testing software☆17Updated 6 years ago
- A open source program for TCP analysis of PCAP files☆113Updated 6 years ago
- tcp reassembly☆26Updated 2 years ago
- Tools for programmatic parsing of packet captures using Wireshark functionality☆92Updated 10 years ago
- GQUIC Protocol Analyzer for Zeek (Bro) Network Security Monitor☆75Updated last year
- Netfilter kernel module for Deep Packet Inspection filtering☆45Updated 6 years ago
- aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based I…☆22Updated 5 years ago