# GyulyVGC/sniffnet **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/gyulyvgc-sniffnet).** 32,801 stars · 1,211 forks · Rust · apache-2.0 ## Links - GitHub: https://github.com/GyulyVGC/sniffnet - Homepage: https://sniffnet.net - awesome-repositories: https://awesome-repositories.com/repository/gyulyvgc-sniffnet.md ## Topics `application` `gui` `iced` `linux` `macos` `network` `network-analysis` `network-monitoring` `networking` `packet-analyser` `packet-capture` `packet-sniffer` `pcap` `rust` `rust-crate` `security` `tool` `utility` `windows` ## Description This application is a desktop network traffic analyzer that provides real-time monitoring and forensic inspection of data packets. By interfacing directly with low-level system drivers, it captures raw network traffic from physical or virtual adapters to identify communication patterns, track bandwidth usage, and diagnose connectivity issues. The system distinguishes itself through an immediate-mode graphical interface that rebuilds the display state every frame, ensuring high responsiveness during live data updates. It maintains performance by using asynchronous message passing to decouple the packet capture engine from the rendering thread. To provide context for network activity, the application performs real-time enrichment through high-speed database lookups, enabling features like autonomous system identification, host location mapping, and reverse DNS resolution. Beyond basic monitoring, the tool includes comprehensive diagnostic and security capabilities. Users can apply granular traffic filtering, manage alert conditions for specific network events, and utilize automated threat detection to identify and block suspicious connections. The software also supports the recording of traffic data into standard file formats for offline analysis and provides configuration options for operation within isolated containerized environments. ## Tags ### Networking & Communication - [Network Traffic Analyzers](https://awesome-repositories.com/f/networking-communication/network-traffic-analyzers.md) — Investigates captured network data to identify communication patterns and resolve host domains. - [Packet Capture Drivers](https://awesome-repositories.com/f/networking-communication/packet-capture-drivers.md) — The system interacts with low-level system drivers to intercept and process raw network traffic directly from the host interface for analysis. - [Packet Capture Engines](https://awesome-repositories.com/f/networking-communication/packet-capture-engines.md) — A low-level software component that interfaces with system drivers to intercept and process raw network traffic from physical or virtual adapters. - [Traffic Flow Aggregators](https://awesome-repositories.com/f/networking-communication/traffic-flow-aggregators.md) — Maintains in-memory representations of active network flows to track communication patterns. - [Packet Capture Utilities](https://awesome-repositories.com/f/networking-communication/packet-capture-utilities.md) — Records raw network traffic into standard file formats to facilitate offline analysis. - [Autonomous System Identifiers](https://awesome-repositories.com/f/networking-communication/autonomous-system-identifiers.md) — The system retrieves administrative names for network hosts via database lookups to identify the specific organizations or entities controlling the infrastructure involved in traffic. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Network-hosts)) ### Operating Systems & Systems Programming - [Packet Interception Drivers](https://awesome-repositories.com/f/operating-systems-systems-programming/packet-interception-drivers.md) — Captures raw network traffic by interfacing directly with low-level system drivers. ### Security & Cryptography - [Network Security Monitors](https://awesome-repositories.com/f/security-cryptography/network-security-monitors.md) — A diagnostic interface that identifies remote hosts and geographical locations to help users track and filter suspicious network connections. - [Network Security Diagnostics](https://awesome-repositories.com/f/security-cryptography/network-security-diagnostics.md) — Identifies suspicious network activity by monitoring traffic for unauthorized connections and malicious addresses. - [Threat Detection](https://awesome-repositories.com/f/security-cryptography/threat-detection.md) — Identifies suspicious network activity by monitoring traffic for unauthorized connections. - [IP Blacklisting](https://awesome-repositories.com/f/security-cryptography/ip-blacklisting.md) — Maintains restricted IP address lists to automatically flag or block traffic from known malicious sources. ([source](https://github.com/GyulyVGC/sniffnet/wiki/IP-blacklists)) ### System Administration & Monitoring - [Network Traffic Analyzers](https://awesome-repositories.com/f/system-administration-monitoring/network-traffic-analyzers.md) — A desktop application that monitors real-time data packets to provide visual insights into network activity and host communication patterns. - [Packet Inspection](https://awesome-repositories.com/f/system-administration-monitoring/packet-inspection.md) — Examines individual packets and protocol headers to diagnose connectivity issues or verify data transmission security. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Traffic-inspection)) - [Real-Time Network Monitors](https://awesome-repositories.com/f/system-administration-monitoring/real-time-network-monitors.md) — Observes live data packets to track bandwidth usage and identify active connections. - [Interface Monitoring](https://awesome-repositories.com/f/system-administration-monitoring/interface-monitoring.md) — Observes real-time network traffic by selecting from available physical or virtual network interfaces. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Data-source-selection)) - [Traffic Analysis](https://awesome-repositories.com/f/system-administration-monitoring/traffic-analysis.md) — Performs forensic examination of past network activity by reading captured data files. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Data-source-selection)) - [Connectivity Diagnostics](https://awesome-repositories.com/f/system-administration-monitoring/connectivity-diagnostics.md) — Diagnoses connectivity issues and performance bottlenecks by inspecting packet flow and application behavior. - [Traffic Filtering](https://awesome-repositories.com/f/system-administration-monitoring/traffic-filtering.md) — Applies configurable filtering criteria to isolate relevant network packets during monitoring or analysis. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Filters-configuration)) - [Bandwidth Monitors](https://awesome-repositories.com/f/system-administration-monitoring/bandwidth-monitors.md) — The system tracks the volume of data transmitted by specific programs to identify high-usage applications and optimize network performance across the host machine. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Programs)) - [Traffic Dashboards](https://awesome-repositories.com/f/system-administration-monitoring/traffic-dashboards.md) — Summarizes network activity through a centralized dashboard displaying key metrics and performance trends. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Traffic-overview)) - [Alert Management](https://awesome-repositories.com/f/system-administration-monitoring/alert-management.md) — Allows users to define alert conditions and delivery preferences for network events and status changes. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Notifications)) - [Service Discovery](https://awesome-repositories.com/f/system-administration-monitoring/service-discovery.md) — Examines active network services and protocols to identify communication endpoints and traffic nature. ([source](https://github.com/GyulyVGC/sniffnet/wiki/Services)) ### User Interface & Experience - [Immediate-Mode Interfaces](https://awesome-repositories.com/f/user-interface-experience/immediate-mode-interfaces.md) — Draws the user interface by rebuilding the entire display state every frame for high-performance updates. - [Immediate Mode UI Frameworks](https://awesome-repositories.com/f/user-interface-experience/immediate-mode-ui-frameworks.md) — A user interface paradigm that rebuilds the entire display state every frame to ensure high performance during real-time data updates. ### Software Engineering & Architecture - [Concurrency Patterns](https://awesome-repositories.com/f/software-engineering-architecture/concurrency-patterns.md) — Decouples network capture from interface rendering using thread-safe channels for non-blocking data flow. - [Message Passing Systems](https://awesome-repositories.com/f/software-engineering-architecture/message-passing-systems.md) — Decouples network capture from interface rendering by passing processed traffic data through thread-safe channels for non-blocking visualization.