Friday, August 10, 2018

Packet Capture ( PCAP ) File Analysis Tools


                  allows you to upload a PCAP, or packet capture, file and have it automatically analyzed and parsed against BRO IDS and Suricata signatures in order to provide information on what may have been detected in the capture file.



Microsoft Message Analyzer:

 is the successor to Microsoft Network Monitor. It is helpful in capturing, displaying, and analyzing protocol messaging traffic and other system messages. It is not only an effective tool for troubleshooting network issues, but for testing and verifying protocol implementations as well.


Message Analyzer can certainly be used to analyze .pcap files.  The tool is generic and not specific to Microsoft, but certainly more focus is put on the Windows scenarios so Microsoft related parsers are kept up to date.  However, you can analyze virtually any kind of data, going beyond network captures like EVT, ETW, CSV and many more.

Tools -> Options -> Parsing

Download Link :


               is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic.