Stefano Lorenzi

Cyber Security and HomeBrewer


Pcaparse is an open source tool that parses a pcap file (in tcpdump format) and performs these tasks:

  • Reproduce HTTP, TCP, DNS and ARP protocols
  • Reproduce PDFs, web pages and images that are in the pcap file
  • Discover some web attacks like SQL injection and XSS attacks
  • Discover malicious User-Agents in the HTTP protocol, such as sqlmap
  • Show invalid TCP flags

This tool has a web interface and saves your cases in a sqlite database.
I have tested this tool with the Ubuntu distribution.


You can download pcaparse here

Release: 17/09/2015
MD5: 4c040f4b1fc7f14f403904693b5b50a4

Under Ubuntu, this tool has the following dependencies:

    sudo apt-get install scapy python-matplotlib tcpflow
    pip install pygeoip

To run pcaparse, just open a Linux shell and run this command:



This software is distributed with an unmodified copy of web2py from

This tool is currently maintained by Stefano Lorenzi, who can be contacted at or twitter @BerghemHackLab. Suggestions and criticism are welcome.
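
The "Show invalid TCP flags" task from the feature list, sketched as an added example that is not pcaparse's own code: it reads a classic tcpdump-format capture with only the Python standard library and reports TCP segments whose flag combinations do not occur in normal traffic. The rule set, the function names and the constructed sample capture (documentation-range addresses) are assumptions of this example.

```python
import struct

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20  # TCP flag bits

def invalid_reason(flags):
    """Name the rule a flag byte breaks, or None (rule set is this example's assumption)."""
    flags &= 0x3F                      # ignore the ECE/CWR bits
    if flags == 0:
        return "NULL"
    for a, b, name in ((SYN, FIN, "SYN+FIN"), (SYN, RST, "SYN+RST"), (FIN, RST, "FIN+RST")):
        if flags & a and flags & b:
            return name
    return "FIN without ACK" if flags & FIN and not flags & ACK else None

def scan_pcap(data):
    """Return [(packet_no, src_ip, dst_ip, reason)] for IPv4/TCP segments with bad flags."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if len(data) < 24 or endian is None or struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("expected a classic tcpdump-format pcap with Ethernet link type")
    hits, off, n = [], 24, 0
    while off + 16 <= len(data):       # 16-byte record header precedes each packet
        incl = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        pkt = data[off + 16:off + 16 + incl]
        off, n = off + 16 + incl, n + 1
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[14] >> 4 != 4 or pkt[23] != 6:
            continue                   # truncated, or not IPv4 carrying TCP
        if struct.unpack("!H", pkt[20:22])[0] & 0x1FFF:
            continue                   # later IP fragment: no TCP header in it
        tcp = pkt[14 + (pkt[14] & 0x0F) * 4:]
        reason = invalid_reason(tcp[13]) if len(tcp) >= 14 else None
        if reason:
            hits.append((n, ".".join(map(str, pkt[26:30])), ".".join(map(str, pkt[30:34])), reason))
    return hits

def frame(flags):
    """Constructed Ethernet/IPv4/TCP frame: 192.0.2.10 -> 198.51.100.20, zero checksums."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0, b"\xc0\x00\x02\x0a", b"\xc6\x33\x64\x14")
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, flags, 1024, 0, 0)
    return bytes(12) + b"\x08\x00" + ip + tcp

def build_sample():
    """Constructed little-endian capture with five segments, three of them invalid."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for flags in (SYN, SYN | FIN, 0, FIN | PSH | URG, ACK):
        f = frame(flags)
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print(scan_pcap(build_sample()))
```
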
