pcap file uploader, analyzer, and visualizer
JavaScript Python CSS HTML
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
doc
pcapview
test
.gitignore
README.md
requirements.txt

README.md

pcapview

Description

pcapview is a pcap file uploader, analyzer, and visualizer. You'll need a capture file, a format used by libpcap and network packet analyzers such as Wireshark or tcpdump. Drag the pcap file to the page, and the file will be timestamped and uploaded to the folder the application is running in. The visualization will appear, showing all IP conversations over time, with packet activity appearing as points on a line. Application protocols are represented by color, and hovering over a conversation reveals the source and destination IP addresses of the first packet sent between them in the capture file. To toggle a permanent display of the IP addresses, click Show/Hide IPs.

Requirements

  • Python 3 on Linux
    • tested with Python 3.6.2 on Ubuntu 16.04.3 LTS
  • Python Packages: Flask (0.12.1) and its dependencies
    • pip install -r requirements.txt
  • Linux Packages: TShark (Wireshark) 2.2.6
    • apt-get install tshark
  • PCAPs
    • example pcaps provided in the test folder
    • to create your own, use tshark: tshark -w out.pcap
    • download from the web, but be careful; example pcaps are from here

Run

  • To start the application listening on port 5000:
    • python pcapview.py

Screenshots

screenshot screenshot screenshot