PacketSnitch is a Python tool for extracting payloads and rich metadata from network packet capture (.pcap) files. It generates testcases for fuzzing, protocol analysis, and research by saving raw packet data and detailed information about each packet, including protocol, entropy, geoip, banners, and more. The tool optionally performs active reconnaissance to enrich output with server banners, SSL certificate info, and web page titles.
Please donate to this project to keep it going!
Thanks.dev, PayPal, Venmo, and Bitcoin are accepted forms of donation to the PacketSnitch project!
This is a screenshot of PacketSnitch v1.2.227.

Start by installing a production release from the releases page, available as deb, rpm, and exe packages. There are supported installers for both Linux and Windows.
Once installed, type packetsnitch or click the icon to get started! To search for packets using the filter, browse the docs for the unique identifier keys and search syntax.
Developer install instructions are in the following two articles:
For a complete guide to searching and filtering packets, see the filter reference:
GNU GPLv3
Marshall Whittaker



