Skip to main content

PyPCAPKit: comprehensive network packet analysis library

Project description

For any technical and/or maintenance information, please kindly refer to the Official Documentation.

The PyPCAPKit project is an open source Python program focus on network packet parsing and analysis, which works as a comprehensive PCAP file extraction, construction and analysis library.

The whole project supports Python 3.6 or later.

About

PyPCAPKit is a comprehensive Python-native network packet analysis library, with DictDumper as its formatted output dumper.

Unlike popular PCAP file extractors, such as Scapy, DPKT, PyShark, and etc, pcapkit is designed to be much more comprehensive, which means it is able to provide more detailed information about the packet, as well as a more Pythonic interface for users to interact with.

Module Structure

In pcapkit, all files can be described as following eight parts.

  • Interface (pcapkit.interface)

    User interface for the pcapkit library, which standardises and simplifies the usage of this library.

  • Foundation (pcapkit.foundation)

    Synthesises file I/O and protocol analysis, coordinates information exchange in all network layers, as well as provides the foundamental functions for pcapkit.

  • Protocols (pcapkit.protocols)

    Collection of all protocol family, with detailed implementation and methods.

  • Utilities (pcapkit.utilities)

    Auxiliary functions and tools for pcapkit.

  • CoreKit (pcapkit.corekit)

    Core utilities for pcapkit implementation, mainly for internal data structure and processing.

  • ToolKit (pcapkit.toolkit)

    Auxiliary tools for pcapkit to support the multiple extraction engines with a unified interface.

  • DumpKit (pcapkit.dumpkit)

    File output formatters for pcapkit.

  • Constants (pcapkit.const)

    Constant enumerations used in pcapkit for protocol family extraction and representation.

Engine Comparison

Due to the general overhead of pcapkit, its extraction procedure takes around 0.2 milliseconds per packet, which is already impressive but not enough comparing to other popular extration engines availbale on the market, given the fact that pcapkit is a comprehensive packet processing module.

Additionally, pcapkit introduced alternative extractionengines to accelerate this procedure. By now pcapkit supports Scapy, DPKT, and PyShark.

Test Environment

Operating System

macOS Ventura 13.4.1

Chip

Apple M2 Pro

Memory

16 GB

Test Results

Engine

Performance (ms per packet)

dpkt

0.010390_056723

scapy

0.091690_233567

pcapkit

0.200390_390390

pyshark

24.682185_018351

Installation

Simply run the following to install the current version from PyPI:

pip install pypcapkit

Or install the latest version from the gi repository:

git clone https://github.com/JarryShaw/PyPCAPKit.git
cd pypcapkit
pip install -e .
# and to update at any time
git pull

And since pcapkit supports various extraction engines, and extensive plug-in functions, you may want to install the optional ones:

# for DPKT only
pip install pypcapkit[DPKT]
# for Scapy only
pip install pypcapkit[Scapy]
# for PyShark only
pip install pypcapkit[PyShark]
# and to install all the optional packages
pip install pypcapkit[all]
# or to do this explicitly
pip install pypcapkit dpkt scapy pyshark

For CLI usage, you will need to install the optional packages:

pip install pypcapkit[cli]
# or explicitly...
pip install pypcapkit emoji

Project details


Release history Release notifications | RSS feed

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pypcapkit-1.3.5.post22.tar.gz (668.9 kB view details)

Uploaded Source

Built Distributions

pypcapkit-1.3.5.post22-cp313-none-any.whl (973.5 kB view details)

Uploaded CPython 3.13

pypcapkit-1.3.5.post22-cp312-none-any.whl (973.5 kB view details)

Uploaded CPython 3.12

pypcapkit-1.3.5.post22-cp310-none-any.whl (973.5 kB view details)

Uploaded CPython 3.10

pypcapkit-1.3.5.post22-cp39-none-any.whl (973.5 kB view details)

Uploaded CPython 3.9

File details

Details for the file pypcapkit-1.3.5.post22.tar.gz.

File metadata

  • Download URL: pypcapkit-1.3.5.post22.tar.gz
  • Upload date:
  • Size: 668.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for pypcapkit-1.3.5.post22.tar.gz
Algorithm Hash digest
SHA256 d69b870386b0e496df5c588e8c448a08240f9f77341ba19c5eb6740158839756
MD5 67854b395bfdfa77fa07eced1b047791
BLAKE2b-256 cb36c3af29f7c446e23fbcbfc29d8df478a95aaf30acb7562f59f431daf21fbc

See more details on using hashes here.

File details

Details for the file pypcapkit-1.3.5.post22-cp313-none-any.whl.

File metadata

File hashes

Hashes for pypcapkit-1.3.5.post22-cp313-none-any.whl
Algorithm Hash digest
SHA256 69458dd9d930fec12494fbf67c1b64277f3dd86ce4f4a621bc9be5fdf0445088
MD5 5ebf178c72c24b47d34dd6828f9d85a1
BLAKE2b-256 4d86e1ed89de6502881b1305654f39972a21b117481ca1fe92ca9f83f837cf98

See more details on using hashes here.

File details

Details for the file pypcapkit-1.3.5.post22-cp312-none-any.whl.

File metadata

File hashes

Hashes for pypcapkit-1.3.5.post22-cp312-none-any.whl
Algorithm Hash digest
SHA256 cfd17b0e7eb8ad4446f95d4bc6d2383fa968a864ce8f4a72ee2a48039d7fb634
MD5 5734685bf471bd4e4237b1bebe6c3e14
BLAKE2b-256 35351bc6eb4951377d67f3beadfe5debec7c8ab1edc1a1a9b046133b5fd267fd

See more details on using hashes here.

File details

Details for the file pypcapkit-1.3.5.post22-cp310-none-any.whl.

File metadata

File hashes

Hashes for pypcapkit-1.3.5.post22-cp310-none-any.whl
Algorithm Hash digest
SHA256 d075d89b767adf2a11555d18084dd99151e418667e7e695bfd25e41046e3da23
MD5 c0bbf944a055192c1d534a01895e86c8
BLAKE2b-256 666fead704be622b1a9ca268d264d7b924d79dce850a107e74c87f9ecd707619

See more details on using hashes here.

File details

Details for the file pypcapkit-1.3.5.post22-cp39-none-any.whl.

File metadata

File hashes

Hashes for pypcapkit-1.3.5.post22-cp39-none-any.whl
Algorithm Hash digest
SHA256 c3c065497aafdd24169c2ad1f679acc8a0f751409b5a1b3cd4f45274e420a2ad
MD5 c7f4b07d670868bd70d099746d8e7c26
BLAKE2b-256 4a8c464b03bafbe3e91c7fc2fcb3b79eb8a475aab31c8b2b2cbe0ead3982be0f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page