PacketCaptureFileScanner Plus

PacketCaptureFileScanner Plus

Rating
0
Reviews
0
DNS Summary View
Top 10 report editing
Top 10 report view
Export Report to HTML: Options
Export report to HTML: color selection

App details

Release date

2020-11-17

Last update

2022-08-01

Product ID

9PKGH3XCRSMN

Categories

Business

About PacketCaptureFileScanner Plus

This program processes network packet capture files (pcap) you created by running a network packet capture program (e.g. wireshark, tcpdump) and extracts statistics.

Process:
  1. You choose one or more capture files.
  2. You start the processing.
  3. The program does the processing which can take a while, depending
     on the number and sizes of the input files. You can expect a processing
     speed of up to 100 MB/s, depending on the mass storage the input files
     are stored at.
  4. You can browse the various statistical numbers in the UI and export
     some of them in CSV format to the clipboard for further processing
     (e.g. paste into Excel).
     
Supports packet capture files in classic (pcap) and new (pcapng) file formats.

The current version supports the following statistical numbers:

  - Layer 2
    - General Ethernet Statistics
    - MAC/Ethernet Addresses:
      - Source addresses, Destination addresses, Multi-/Broadcast addresses
    - Ethernet frame size histogram
    - Linux Cooked Mode Statistics
    - Linux Cooked Mode frame size histogram
    - ARP: Packet counts
    - ARP: Extracted address mappings
    - PPPoE
      - PPPoE Discovery
        - General Stats
        - Access Concentrators List
        - List of Established PPPoE sessions
      - PPPoE Session
        - General Stats
        - LCP Stats
        - PAP Stats
    - IPv4: General Statistics
    - IPv4/IPv6: Address lists
      - Source addresses, Dest addresses,
        Source only addresses, Dest only addresses
      - each address with timestamps: first seen, last seen
      - lists can be filtered by address ranges (not yet for IPv6)
    - TCP:
      - Source and Dest ports used
    - DNS:
      - General Statistics
      - Queried Names (A record: IPv4)
      - Resolved Names (A record: IPv4)
      - Unresolved Names (A record)
      - Record Type counters
      - LOC records
    - DHCP:
      - Client MAC addresses
      - Host names
      - established DHCP configurations
    - TFTP
      - General Stats
      - File Transfers
    - HTTP (not HTTPS)
      - Request Targets (URLs)
      - Request User Agents
      - Response Status Codes
      - Server Software (extracted from Responses)
      - Content Types

This is the Plus version of PacketCaptureFileScanner with the following
additional functions:

  • IPv6 addresses extraction
  • MAC address manufacturer lookup in local database (not online)
  • Allows to export reports directly into HTML and PDF files with
    customizations.

We have plans for implementing more features in this application in the future.

Please send feedback or feature requests per e-mail to:
[email protected] or
[email protected]

or contact us on our discord server
https://discord.gg/WaxjrBX

If you are interested in custom versions or source licenses, please contact us directly.

Key features