PacketCaptureFileScanner

PacketCaptureFileScanner

Rating
3
Reviews
2
DNS Summary View
PacketCaptureFileScanner
PacketCaptureFileScanner
PacketCaptureFileScanner

App details

Release date

2020-08-10

Last update

2022-03-11

Product ID

9PH4WJFRBMS2

Categories

Business

About PacketCaptureFileScanner

This program processes network packet capture files (pcap) you created by running a network packet capture program (e.g. wireshark, tcpdump) and extracts statistics.

Process:
  1. You choose one or more capture files.
  2. You start the processing.
  3. The program does the processing which can take a while, depending
     on the number and sizes of the input files. You can expect a processing
     speed of up to 100 MB/s, depending on the mass storage the input files
     are stored at.
  4. You can browse the various statistical numbers in the UI and export
     some of them in CSV format to the clipboard for further processing
     (e.g. paste into Excel).
  
This program is currently work in progress.

Supports packet capture files in classic (pcap) and new (pcapng) file formats.

The current version supports the following statistical numbers:

  - Layer 2
    - General Ethernet Statistics
    - MAC/Ethernet Addresses:
      - Source addresses, Destination addresses, Multi-/Broadcast addresses
    - Ethernet frame size histogram
    - Linux Cooked Mode Statistics
    - Linux Cooked Mode frame size histogram
    - ARP: Packet counts
    - ARP: Extracted address mappings
    - PPPoE
      - PPPoE Discovery
        - General Stats
        - Access Concentrators List
        - List of Established PPPoE sessions
      - PPPoE Session
        - General Stats
        - LCP Stats
        - PAP Stats
    - IPv4: General Statistics
    - IPv4/IPv6: Address lists
      - Source addresses, Dest addresses,
        Source only addresses, Dest only addresses
      - each address with timestamps: first seen, last seen
      - lists can be filtered by address ranges
    - TCP:
      - Source and Dest ports used
    - DNS:
      - General Statistics
      - Queried Names (A record: IPv4)
      - Resolved Names (A record: IPv4)
      - Unresolved Names (A record)
      - Record Type counters
      - LOC records
    - DHCP:
      - Client MAC addresses
      - Host names
      - established DHCP configurations
    - TFTP
      - General Stats
      - File Transfers
    - HTTP (not HTTPS)
      - Request Targets (URLs)
      - Request User Agents
      - Response Status Codes
      - Server Software (extracted from Responses)
      - Content Types

We have plans for implementing more features in this application in the future.

If you find this program useful please consider purchasing the Plus
version with additional features not available in the standard version.

Please send feedback per e-mail to:
[email protected] or
[email protected]

or contact us on our discord server
https://discord.gg/WaxjrBX

If you are interested in custom versions or source licenses, please contact us directly.

Key features