Skip to content
- Offline analysis of tcpdump (libpcap) and Pcap NG files
- Multiple files can be opened and operated as one
- Runs on Windows
- Display filtering
- Detailed inspection of several protocols
- Supported linktypes are Ethernet, IEEE 802.11 and IPv4/6
- Live capture (IP only)
- Visualized connections in matrix
- Visualized IP connections in a World map
- Visualized packets on a timeline with drag & drop zoom
- Passive OS fingerprinting using databases from Satori
- Packet Playback
- Resolves physical, network and transport addresses (uses captured DNS data for address resolution)
- Resolves IP addresses using system DNS servers. Disabled by default
- Extracts host/domain names from DHCP packets. Extracts NetBIOS names from NBNS/NBDS packets
- Geo IPv4 and IPv6 integrated
- Simple packet data hex/text edit
- Packet data hex/text search
- Many customizable settings to setup application as you prefer. Automatically stored
- MAC address Information: Age, organization and address
- I/O graph
- Top 5-20 chart with several categories
- All modules/views supports packet filters and live packets capture