f18m / large-pcap-analyzer
A command-line utility program that performs some simple operations on PCAP files (Wireshark/tcpdump traces) very quickly. Allows you to manipulate very large PCAP files that cannot be easily handled with other software like Wireshark (or tshark). Supports filtering encapsulated GTPu frames. Easily extendible.
☆98 Updated 6 months ago
Related projects
Alternatives and complementary repositories for large-pcap-analyzer
- calculate flow information from PCAP and extract tcp streams ☆69 Updated 4 months ago
- High Speed PCAP to JSON conversion utility ☆100 Updated 5 months ago
- FlowScope is an oscilloscope for your network traffic. It records all traffic continuously in a ring buffer and dumps specific flows to d… ☆91 Updated 6 years ago
- Ipsumdump and other programs for command-line network trace manipulation. ☆37 Updated 9 months ago
- Plugin providing AF_XDP support for Bro. ☆14 Updated 3 years ago
- High performance Deep Packet Inspection (DPI) framework to identify L7 protocols and extract and process data and metadata from network t… ☆117 Updated 3 years ago
- A fast parser for DNS pcap data. ☆70 Updated 7 years ago
- Packet capture libraries benchmark ☆33 Updated 3 years ago
- C Library for working with network packet traces ☆157 Updated last week
- aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based I… ☆22 Updated 6 years ago
- System for network traffic analysis and anomaly detection. ☆87 Updated 3 weeks ago
- Network traffic classification library that requires minimal application payload ☆207 Updated 3 months ago
- High performance time ordered PCAP merging utility ☆22 Updated 2 years ago
- Diff two or more PCAP files ☆106 Updated 3 years ago
- Snort DPDK DAQ module with multiqueue support - Primarily for Napatech NICs ☆28 Updated 5 years ago
- Lua script for splitting a big PCAP file into a few smaller PCAPs by TCP stream ID. ☆24 Updated 6 years ago
- Accurate, modular, scalable PCAP manipulation tool written in Go. ☆85 Updated 6 months ago
- This tool can replay a pcap capture at wire speed on several 10Gbps links. ☆67 Updated 4 years ago
- Tiny nDPI based deep packet inspection daemons / toolkit. ☆67 Updated this week
- User-friendly C Library to perform TCP streams reassembly and IPv4/6 defragmentation ☆107 Updated 6 years ago
- tcptrace is a tool written by Shawn Ostermann at Ohio University, for analysis of TCP dump files. ☆77 Updated 7 years ago
- Collection of "bad" packets in PCAPs that can be used for testing software ☆17 Updated 6 years ago
- Performs IP reassembly and strips off extraneous encapsulation (VLANs, MPLS, GRE, L2TP) in pcap files ☆60 Updated 10 months ago
- Upload captures directly to CloudShark from Wireshark ☆39 Updated 2 years ago
- A platform that uses multiple processes to combine DPDK and libnids to support analysing packets on a 10G port. ☆38 Updated 10 years ago
- High performance, DPDK-based, user space firewall ☆11 Updated 8 years ago
- DPDK-Dump is able to store on disk network traffic at high speed using DPDK library. ☆32 Updated 9 years ago
- SD-WAN security and insecurity ☆169 Updated 4 years ago
- Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols, can also remove IEEE 802.1Q (virtual lan) header. Works w… ☆32 Updated 6 years ago
- Pcap-splitter allows you to split a pcap file into subsets of pcap files based on sessions, flows, ip addresses, number of bytes, number … ☆65 Updated 5 years ago