Skip to content
Monitor ethernet traffic in real time with a 3D backend.
CMake C++ Zeek Shell Other
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
contrib Represent every port, use summaries to speed up message passing, desc… Jul 24, 2019
modules Add monopt_iface_proto to install targets, update pkgbuild Jun 6, 2019
src Label broadcast pools Oct 7, 2019
.gitignore Remove unused hidden files and directory May 27, 2019 Update screen, cleanup comments, move epoch script Jul 15, 2019
CMakeLists.txt Resolve creation of extra entities and temporarily disable multi IP f… Sep 23, 2019
LICENSE.txt License under GPLv3, update name to evenbettercap ;) May 27, 2019 Label broadcast pools Oct 7, 2019
resources.conf Implement WorldScreenLink connectiobs for watched devices Jul 8, 2019


This was a fork of Wireshark version 2.6.8.

Now it is a stand alone application that visualizes ethernet traffic in realtime. It leverages Zeek to capture packets and broker messages and then renders traffic flow with Magnum and OpenGL.

The goal of the software is four fold:

  • Provide simple visual network diagnostics to resolve configuration issues.
  • Demonstrate attacks, information leakage and erroneous devices in local networks and traffic flows.
  • Simplify network reconnaissance and manage man-in-the-middle attacks.
  • Define network elements symbolically to simplify the explanation and diffusion of knowledge about computer networks.

This software might be useful to you if you:

  • Must configure local networks
  • Must defend networks
  • Penetrate networks
  • Make pew pew noises when pinging

All reactions to this project including silly questions are appreciated. Open an issue here or contact Nick directly.

The animation below demonstrates the output of Monopticon (v0.2.0) monitoring a local network from a span port. For more examples visit src/expirements.

what it looks like


  1. Install the software following the commands documented below.
  2. Prepare a suitable interface to capture packets on.

Read the file to ensure that it will work with your system.

  1. Run:
> monopticon

Arch Linux

Download the imgui-src package for the imgui headers.

> wget
> sudo pacman -U imgui-src-1.66b-1-any.pkg.tar

Install monopticon and its dependencies from the Arch user repository.

> yay monopticon

Give the zeek binary the capability to capture packets without sudo.

> sudo setcap cap_net_raw=eip `which zeek`
You can’t perform that action at this time.