packrat-tui 0.2.1

A Wireshark-style terminal packet analyzer for live capture and simulated traffic inspection
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

# 🐀 packrat

> A Wireshark-style network packet analyzer TUI built with **Rust + Ratatui**.

> Crates.io package: `packrat-tui`  
> Installed binary: `packrat`

<p align="center">
  <img src="https://raw.githubusercontent.com/0xbadcaffe/packrat/master/assets/packrat-screenshot.svg" alt="Packrat TUI screenshot" />
</p>

```
                     __                   __
___________    ____ |  | ______________ _/  |_
\____ \__  \ _/ ___\|  |/ /\_  __ \__  \\   __\
|  |_> > __ \\  \___|    <  |  | \// __ \|  |
|   __(____  /\___  >__|_ \ |__|  (____  /__|
|__|       \/     \/     \/            \/
```

## Install

```bash
# Demo/simulated traffic mode (no libpcap/Npcap required)
cargo install packrat-tui
packrat
```

```bash
# Real interface capture support
cargo install packrat-tui --features real-capture
packrat
```

## Features

| Tab | Contents |
|-----|----------|
| **1 Packets**   | Live packet list with protocol tree + hex dump |
| **2 Analysis**  | Protocol stats, top talkers, conversations, port summary |
| **3 Strings**   | Extracted strings with sensitive data flagging |
| **4 Dynamic**   | Live syscall / signal / network trace log |
| **5 Visualize** | Protocol bars, traffic sparkline, top IPs, geo endpoints |
| **6 Topology**  | Host relationship map with packet flow summaries |

## Build From Source

```bash
# Install Rust (one-time) — https://rustup.rs
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

git clone https://github.com/0xbadcaffe/packrat.git
cd packrat
cargo run                          # dev build
cargo build --release              # optimised binary
./target/release/packrat           # macOS / Linux
.\target\release\packrat.exe       # Windows
```

## Keyboard Shortcuts

| Key | Action |
|-----|--------|
| `Space` | Start / Stop capture |
| `j/k` `↑↓` | Navigate |
| `g / G` | Top / Bottom |
| `1–6` | Switch tabs |
| `/` | Filter |
| `i` | Pick interface |
| `w` | Toggle PCAP recording |
| `h` | Help |
| `C` | Clear |
| `q` | Quit |

## Filter Syntax

```
tcp                    ip.src==192.168.1.1
dns                    ip.dst==8.8.8.8
http                   tcp.port==443
```

## Platform Support

| Platform | Terminal | Status |
|----------|----------|--------|
| Linux | Any ||
| macOS | iTerm2 / kitty ||
| Windows | Windows Terminal ||
| WSL2 | Any ||

## License

MIT — see [LICENSE](LICENSE)