A lightweight CLI tool for analyzing pcap files

Project description

PCAP Analyzer

This project is a lightweight, simple CLI tool written in Python, designed to analyse .pcap files and offer insight into network traffic without the overhead of full packet inspection.


Introduction

Network administrators often need to quickly analyze .pcap files to understand traffic patterns, protocol usage, and network performance. Tools like Wireshark offer deep inspection but can be heavy and overkill for simple summaries.

PCAP Analyzer fills this gap by offering a lightweight, scriptable CLI tool that provides essential network insights without the overhead.

Features

Option Description
--printall Shows all IP traffic as source → destination.
--showprotocols Displays the number of packets per IP protocol (such as TCP, UDP, ICMP).
--toptalkers Shows the top 5 most active sending IP addresses.
--throughput Calculates total throughput in Mbps over the duration of the capture.
--data_packet_rtt Measures average latency (RTT) between data packets and their ACKs.
--extract_dns_domains Lists unique domains queried via DNS.
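
The protocol, top-talker and throughput summaries in the table above need only packet headers. The following is an added example, not PCAP Analyzer's own code: it parses a classic .pcap byte string (not pcapng) with Ethernet/IPv4 framing, and it assumes throughput means total on-the-wire bytes divided by the span between the first and last timestamp. The function names and the sample capture are constructed for illustration.

```python
import struct
from collections import Counter

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IANA IP protocol numbers
MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # byte order of the writer

def summarize(data, top_n=5):
    """Header-only summary of a classic pcap byte string (Ethernet link type)."""
    end = MAGIC.get(data[:4])
    if end is None or len(data) < 24:
        raise ValueError("not a classic microsecond-resolution pcap file")
    if struct.unpack_from(end + "I", data, 20)[0] != 1:
        raise ValueError("only LINKTYPE_ETHERNET (1) is handled here")
    protos, talkers, total_bytes, off = Counter(), Counter(), 0, 24
    first_us = last_us = None
    while off + 16 <= len(data):
        sec, usec, caplen, origlen = struct.unpack_from(end + "IIII", data, off)
        frame = data[off + 16: off + 16 + caplen]
        if len(frame) < caplen:  # truncated record: stop instead of misparsing
            break
        off += 16 + caplen
        ts_us = sec * 1_000_000 + usec
        first_us, last_us = (ts_us if first_us is None else first_us), ts_us
        total_bytes += origlen
        # IPv4 over Ethernet: protocol at frame[23], source address at frame[26:30]
        if len(frame) >= 34 and frame[12:14] == b"\x08\x00":
            protos[PROTO_NAMES.get(frame[23], str(frame[23]))] += 1
            talkers[".".join(map(str, frame[26:30]))] += 1
    span_us = last_us - first_us if first_us is not None else 0
    mbps = total_bytes * 8 / span_us if span_us > 0 else 0.0  # bits/us == Mbit/s
    return {"protocols": dict(protos), "top_talkers": talkers.most_common(top_n),
            "throughput_mbps": mbps}

def _frame(src, dst, proto, payload_len):
    """Constructed Ethernet + IPv4 frame: zero MACs, zero checksum, zero payload."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return b"\x00" * 12 + b"\x08\x00" + ip + b"\x00" * payload_len

def _pcap(records):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # global header
    for sec, usec, f in records:
        out += struct.pack("<IIII", sec, usec, len(f), len(f)) + f
    return out

# Constructed sample: four 31250-byte frames spread over exactly one second
SAMPLE = _pcap([(100, 0, _frame("10.0.0.1", "10.0.0.9", 6, 31216)),
                (100, 250000, _frame("10.0.0.1", "10.0.0.9", 6, 31216)),
                (100, 500000, _frame("10.0.0.2", "10.0.0.9", 17, 31216)),
                (101, 0, _frame("10.0.0.1", "10.0.0.2", 1, 31216))])
```

A capture cut off mid-record is summarized up to the last complete packet, and a file with any other magic number (pcapng included) is rejected with ValueError rather than parsed.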

Non-functional Specifications

  • Platform Support: Compatible with Windows, Linux, and macOS; requires Python 3.8 or higher.
  • Usability: Simple CLI with one-command execution; help available via --help flag.
  • Maintainability: Modular, clean codebase for easy future expansion.
  • Security: Only reads .pcap files; no packet modification or network interaction.

Installation

Option 1: Install from PyPI (Recommended for most users)

Install the latest stable version directly from PyPI:

pip install pcap-analyzer

Option 2: Install from GitLab (For contributors and advanced users)

Clone the repository:

git clone https://gitlab.fdmci.hva.nl/schiffd/pcap-analyzer
cd pcap-analyzer

Install dependencies:

pip install -r requirements.txt

Or with UV:

uv pip install .

Install development dependencies

pip install -r dev-requirements.txt

Or with UV:

uv pip install .[dev]

Usage

If installed via pip, use the CLI command:

pcap-analyser --file <path/to/file.pcapng> [options]

If running directly from the source (GitLab):

python -m analyser --file <path/to/file.pcapng> [options]

Examples

Show the toptalkers (most active IP addresses):

pcap-analyser --file capture.pcapng --toptalkers  # if installed via pip

or

python -m analyser --file capture.pcapng --toptalkers  # if running from source (GitLab)

Show all the used protocols:

pcap-analyser --file capture.pcapng --showprotocols  # if installed via pip

or

python -m analyser --file capture.pcapng --showprotocols  # if running from source (GitLab)


License

This project is licensed under the MIT License - see the LICENSE file for details.


Author

Daniël Schiffers
Amsterdam University of Applied Sciences
📧 daniel.schiffers@hva.nl

Download files

Source Distribution

pcap_analyzer-0.1.5.tar.gz (81.2 kB)

Uploaded Source

Built Distribution

pcap_analyzer-0.1.5-py3-none-any.whl (78.0 kB)

Uploaded Python 3

File details

Details for the file pcap_analyzer-0.1.5.tar.gz.

File metadata

  • Download URL: pcap_analyzer-0.1.5.tar.gz
  • Upload date:
  • Size: 81.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.3

File hashes

Hashes for pcap_analyzer-0.1.5.tar.gz
Algorithm Hash digest
SHA256 27461ab37d6e5d3cab8110be7ef9b5047b319f8d8f68b21df9cc9c8b9281371c
MD5 623d95a9151cb8c14e2c3120502e6756
BLAKE2b-256 e701724bd7294d6b30c19adc473b74546f9b39d6ad512055e7311651ef93f1a3

File details

Details for the file pcap_analyzer-0.1.5-py3-none-any.whl.

File metadata

  • Download URL: pcap_analyzer-0.1.5-py3-none-any.whl
  • Upload date:
  • Size: 78.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.12.3

File hashes

Hashes for pcap_analyzer-0.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 6cb8571e816bf3fcfe926462ee0b2eef6e05973f4cacd791543bbdf39b7d6105
MD5 79f4e646bb9d5c0fd6657fa0c8505dfd
BLAKE2b-256 845186d24d1a499fa2b1b2b21f30606d2322bdc6848ee17ea38b0f6e3f04903c
