Http packet viewer for linux and windows
Switch branches/tags
Nothing to show
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Catcher - http packet viewer for linux. Written in C#, requires mono (>= 2.8). Uses SharpPcap library, you need to have >= libpcap0.8 (and -dev package) installed too. Although it may work with lower versions too. Run from binaries folder with root privileges: 'sudo mono catcher.exe', until I (or you) figure out how to sniff without root.

Unlike fiddler and like wireshark catcher doesn't act as proxy: no packets go through it, instead it passively captures tcp packets flying by and tries to assemble http data. The problem with this is some packets are going to be lost even when capture is handled correctly. Another problem is difficulty to decrypt SSL packets (man in the middle is not applicable). But it seem to work fine with small/medium sized http data (<= 2 Mb or so) and on a bright side you see all http packets travelling through selected interface and not just from a given application. If you want to catch packets going through localhost or select loopback interface from devices menu.

The source project created in MonoDevelop 3.0.5.


It turns out it works on windows! You'll need .net 4.0, gtk# for .net ( and winpcap library ( Once these installed run catcher.exe from windows_binaries folder.

Source project is opened by visual studio flawlessly.


Should work on a mac in theory, although I haven't tried that. Steps:

  • get libpcap
  • get mono and gtk# for mac
  • get monodevelop for mac
  • get sources from here and open it in monodevelop
  • compile
  • it should work (maybe with sudo)

Please give feedback here on github or at (questions are welcome too).

Here is how it looks on my ubuntu machine: catcher on ubuntu