PCAP analyzer other environment

Drop a capture and read it locally: protocols, conversations, talkers, and anomaly flags — nothing uploaded.

What 'other' means here

This tool lives in the green room because its input is a BINARY FILE, not the paste/form text the catalogue's tools take. That is an input contract the catalogue cannot hold yet; the day it can, this tool graduates to the main floor.

Drop a .pcap or .pcapng here

or click to choose a file — it never leaves your browser

The file is read into memory and dissected entirely in your browser. Nothing is uploaded; there is no server round-trip at all.

Drop a capture file and it is read into memory and dissected in your browser: the container format (classic pcap in either byte order, including the nanosecond variant, and pcapng), then Ethernet through IPv4/IPv6 and TCP/UDP/ICMP — enough for the overview, the conversation and top-talker tables, and a first tier of anomaly flags stated as observations, not verdicts.

This first version dissects layers 2 through 4. Application-payload parsing (DNS, TLS, HTTP details) is a deliberate future pass, not a hidden gap — the tool tells you the depth it reached. Files are capped at 50 MB because a browser is for triage, not multi-gigabyte forensics; larger captures are refused rather than freezing the tab.

Back to the green room