forked from DNS-OARC/PacketQ
-
Notifications
You must be signed in to change notification settings - Fork 0
A tool that provides a basic SQL-frontend to PCAP-files. Outputs JSON, CSV and XML and includes a build-in webserver with JSON-api and a nice looking AJAX GUI.
License
mwander/PacketQ
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
PacketQ is a command line tool to run sql queries directly on pcap files. However, PacketQ also contain a very simplistic webserver in order to inspect pcap files remotely and a simple prototype AJAX-based GUI. Sample command lines: packetq -s "select * from dns limit 10" sample.pcap Retrives the 10 first packets containing dns information from the file "sample.pcap" packetq -d -p8080 -w html/ -r pcap/ Starts a webserver on port 8080 (-p8080) as a daemon (-d) servering files from the directory html/ (-w html/) and pcapfiles from the directory pcap/ (-r pcap/). To install: download and unpack the source from: https://github.com/dotse/PacketQ/tarball/master, then type "./configure; make; make install" Pre-compiled binaries for Mac OS can be found at: https://github.com/dotse/PacketQ/raw/master/bin/macos/packetq.zip More information is provided in our wiki on https://github.com/dotse/packetq/wiki We also have a public mailing-list at http://lists.iis.se/mailman/listinfo/packetq A short demo-video of PacketQs capabilities is available on http://www.youtube.com/watch?v=70wJmWZE9tY License and terms for use and redistribution is here https://github.com/dotse/PacketQ/blob/master/COPYING
About
A tool that provides a basic SQL-frontend to PCAP-files. Outputs JSON, CSV and XML and includes a build-in webserver with JSON-api and a nice looking AJAX GUI.
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published
Languages
- JavaScript 67.8%
- C++ 21.3%
- C 4.2%
- Shell 3.6%
- CSS 2.4%
- Perl 0.6%
- PHP 0.1%