-
Notifications
You must be signed in to change notification settings - Fork 62
Implementations
Guy Harris edited this page Oct 1, 2016
·
32 revisions
This wiki tracks known implementations of pcapng.
| Application | Language | Read | Write | Default | Comment |
|---|---|---|---|---|---|
| Wireshark | C | Yes | Yes | Yes (since 1.8) | Also includes tshark, mergecap, reordercap, editcap, capinfos |
| NetworkMiner | .NET | Yes | ? | ? | -- |
| [Tracewrangler] (http://www.tracewrangler.com/) | Delphi | Yes | Yes | Yes | File size for reading files is limited to 2GB at the moment |
| CommView and CommView for WiFi | ? | Yes | Yes | No | -- |
| CloudShark | -- | Yes | Yes | Yes | Exports as pcapng |
| pcapfix | C | Yes | Yes | Yes | writes PCAPng when input file is PCAPng; otherwise PCAPng can be forced with a parameter |
| Corelatus GTH | C, Erlang | No | Yes | Yes | -- |
| NetworkMiner | Unknown | Yes | Unknown | Unknown | -- |
| CapLoader | MS .NET | Yes | Yes | Unknown | -- |
| pcapng.com | N/A | Yes | N/A | Yes | A web page to convert pcapng to pcap |
| thongs | C | No | Yes | Yes | -- |
| Apple's tcpdump | C | Yes | Yes | No | Apple's variant of tcpdump, using their variant of libpcap, which includes APSL-licensed code |
| tcpreplay | C | Yes | No | No | Uses libpcap to read pcapng |
| pktdump | Perl | Yes | No | -- | |
| scapy | Python3 | Yes | No | Yes | This is a fork of scapy, and only this fork handles pcapng |
| OmniPeek | Unknown | Yes | Yes | Unknown | -- |
| Library | Language | License | Read | Write | Comment |
|---|---|---|---|---|---|
| libpcap | C | BSD | Yes | No (Work in Progress) | Programs such as tcpdump using libpcap can thus read pcap-ng |
| Apple's libpcap | C | BSD/APSL | Yes | Yes | Apple's variant of libpcap; their changes are under the APSL license |
| rshk | Python | Apache | Yes | No | -- |
| awalsh128 | C# | BSD | Yes | No | -- |
| kornholi | Rust | MIT | Yes | No | -- |
| richo | Rust | MIT | Yes | No | -- |
| akinaru | Java | MIT | Yes | No | -- |
| ryrychj | C# | MIT | Yes | Yes | -- |