A protocol analyzer like wireshark on CUI/TUI
Here is demo recording with asciinema.
This is an implementation like a wireshark on CUI/TUI. I think using Wireshark on GUI is really troublesome. So, I wish that using Cuishark is effortless and, speedy. Cuishark can be controlled by VI-like commands. (ex, hjkl)
running cuishark
prints Usage.
$ git clone https://github.com/slankdev/cuishark.git
$ cd cuishark
$ make
$ sudo ./cuishark -i eth0 // network-interface
$ sudo ./cuishark -r input.pcap // pcap-file-interface
$ sudo ./cuishark -i eth0 -f "tcp port 80" // use pcap-capture-filter
If you like CuiShark, sudo make install
to install to /usr/local/bin
.
$ sudo make install // install
$ sudo make uninstall // uninstall
While running, user can use following commands.
Command | Description |
---|---|
j,<down> | cursor down |
k,<up> | cursor up |
<Tab> | switch pane |
<Space> | Open/Close element |
- pcap-file
- network interface
- PCAP capture filter syntax
- libpcap
- libncurses
- clang
We assume that users use Ubuntu. If you use another distribution, please change Package-Manager according to the environment.
$ sudo apt install libpcap-dev libncurses5-dev clang
Current stable version is v0.1.
- v0.0
- v0.1
- support differential drawing
- using ncurses-APIs more
- v1.0 (Support Wireshark Display Filter)
I developed v0.0 with ncurses and c++11. However many implementation don't use recommended-APIs of ncurses, using original-implementation. So, v0.1 will use recommended-APIs of ncurses as much as possible.
MIT
see LICENCE.