Submitted by jelu on Tue, 05/23/2017 - 09:49

PacketQ

packetq is a command-line tool for running SQL queries directly on PCAP files. The results can be output as JSON (the default), formatted/compact CSV, and XML. It also contains a very simplistic web server for inspecting PCAP files remotely. PacketQ was previously known as DNS2db; it was renamed in 2011 when it was rebuilt and, among other things, gained the ability to handle protocols other than DNS.

More information is provided in our README, FAQ, functions, and fields documentation.

A short demo video of PacketQ's capabilities is available at http://www.youtube.com/watch?v=70wJmWZE9tY

Latest Release

This is the latest release of PacketQ; read about the changes in the changelog.

File                    Date            Size
packetq-1.3.1.tar.gz    Jun 02, 2017    913K
packetq-1.3.0.tar.gz    May 23, 2017    912K

See sha256.txt or sha512.txt for checksums.

The software is licensed under the GNU General Public License v3.

Code Repositories

You can clone the code repositories from GitHub:

$ git clone https://github.com/DNS-OARC/PacketQ.git