This repository contains a simple packet sniffer written in Go (Golang), using the gopacket
library. It's designed to capture and display TCP packets on a specified network interface.
The Go Packet Sniffer is a basic tool for network analysis, similar in concept to Wireshark, but much simpler. It captures TCP packets, displaying their source and destination ports, sequence numbers, and payloads (if readable as text).
Before you can run the packet sniffer, you need to have the following installed:
- Go (Golang) - Installation guide
- libpcap - On Unix-based systems, this can usually be installed via your package manager (e.g.,
apt
for Ubuntu,yum
for CentOS).- For Debian/Ubuntu:
sudo apt-get install libpcap-dev
- For RedHat/CentOS:
sudo yum install libpcap-devel
- For macOS:
brew install libpcap
(using Homebrew)
- For Debian/Ubuntu:
- WinPcap or Npcap for Windows users - Npcap
- Clone the repository:
git clone https://github.com/araujo88/GoPacketSniffer.git
- Navigate to the cloned repository:
cd GoPacketSniffer
- To run the packet sniffer, use the following command:
make sudo ./sniffer
- The sniffer will start capturing TCP packets on the default network interface. You can modify the source code to change the target interface or apply different filters.
- Captures TCP packets, including source/destination ports and sequence numbers.
- Displays readable text payloads from TCP packets.
- Easily modifiable for different network interfaces or packet types.
This tool is for educational purposes only. Unauthorized packet sniffing or network analysis can be illegal and unethical. Always ensure you have permission to capture packets on the network you're monitoring.
Contributions to the Go Packet Sniffer are welcome!
This project is licensed under the GPL License - see the LICENSE file for details.
- Special thanks to the contributors of the
gopacket
library. - Inspired by the functionalities of Wireshark.