Network Traffic Analyzer
CarterPerez-dev edited this page Feb 11, 2026 · 1 revision
Real-time packet capture and analysis tool with protocol identification, bandwidth tracking, and visualization.
A Python-based packet capture and analysis tool that sniffs network traffic in real time, identifies protocols, tracks bandwidth usage, and generates visual reports. Uses a producer-consumer threading pattern for wire-speed capture without dropping packets.
Status: Complete | Difficulty: Beginner
This tool is for authorized network analysis only. Only capture traffic on networks you own or have explicit permission to monitor. Unauthorized packet capture is illegal.
| Technology | Version | Purpose |
|---|---|---|
| Python | 3.14+ | Modern syntax |
| Scapy | - | Packet capture and dissection |
| Rich | - | Real-time terminal dashboards |
| Matplotlib | - | Protocol charts, bandwidth timelines |
| Typer | - | CLI framework |
- Root/admin access required for packet capture
  - Linux: root or CAP_NET_RAW capability
  - macOS: root or /dev/bpf access
  - Windows: Administrator + Npcap installed
- Real-time packet capture with BPF kernel-level filtering
- Protocol identification across Layers 2-7
- Active interface discovery
- Top talker analysis by traffic volume
- Bandwidth sampling at configurable intervals
- Protocol distribution pie charts
- Bandwidth timeline graphs
- Top talker bar charts
- JSON/CSV data export
- PCAP file analysis
- Network baseline establishment for anomaly detection
- Data exfiltration detection
- DDoS traffic identification
- Incident response packet analysis

```
┌─────────────────────────────────────────────┐
│        Producer Thread (capture.py)         │
│     Scapy sniff() → BPF filter → Queue      │
└──────────────────────┬──────────────────────┘
                       │ Thread-safe Queue
┌──────────────────────▼──────────────────────┐
│        Consumer Thread (analyzer.py)        │
│      Protocol ID → Statistics → Export      │
└──────────────────────┬──────────────────────┘
                       │
         ┌─────────────┼─────────────┐
         ▼             ▼             ▼
  ┌─────────────┐ ┌───────────┐ ┌───────────┐
  │ statistics  │ │  output   │ │ visualize │
  │ Thread-safe │ │   Rich    │ │ Matplotlib│
  │ collector   │ │  console  │ │  charts   │
  └─────────────┘ └───────────┘ └───────────┘
```
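
The producer-consumer hand-off in the diagram above, as an added sketch that is not the project's own code: a producer pushes packet records into a bounded thread-safe queue and a consumer thread feeds a lock-protected statistics collector. The names `StatsCollector` and `run_pipeline`, the bounded queue with its drop counter, and the sample records are assumptions for illustration; Scapy's `sniff()` is replaced by a constructed list so the sketch runs without capture privileges.

```python
import queue
import threading
from collections import Counter

# Constructed sample records (src_ip, protocol, length_bytes); stand-ins for sniffed packets.
SAMPLE_PACKETS = [
    ("10.0.0.5", "TCP", 1500), ("10.0.0.9", "UDP", 200), ("10.0.0.5", "TCP", 900),
    ("10.0.0.7", "ICMP", 84), ("10.0.0.9", "DNS", 120), ("10.0.0.5", "TLS", 600),
]
_STOP = object()  # sentinel telling the consumer thread to exit


class StatsCollector:
    """Lock-protected counters (hypothetical; plays the role of statistics.py)."""

    def __init__(self):
        self._lock = threading.Lock()
        self.bytes_by_src = Counter()
        self.packets_by_proto = Counter()

    def record(self, src, proto, length):
        with self._lock:  # the dashboard may read while the consumer writes
            self.bytes_by_src[src] += length
            self.packets_by_proto[proto] += 1

    def top_talkers(self, n):
        with self._lock:
            return self.bytes_by_src.most_common(n)


def run_pipeline(packets, queue_size=1000):
    """Feed packets through a bounded queue; return (stats, dropped_count)."""
    q = queue.Queue(maxsize=queue_size)
    stats = StatsCollector()
    dropped = 0

    def consumer():
        while (item := q.get()) is not _STOP:
            stats.record(*item)

    worker = threading.Thread(target=consumer)
    worker.start()
    for pkt in packets:  # producer side: in a live capture this is the sniff callback
        try:
            q.put_nowait(pkt)  # never block the capture path
        except queue.Full:
            dropped += 1  # count the loss so reports can state their coverage
    q.put(_STOP)  # blocking put: the sentinel must always be delivered
    worker.join()
    return stats, dropped
```

Reporting the drop count next to the statistics matters when the output is used as a baseline or as incident evidence, because a silently lossy capture understates top talkers and bandwidth.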

```bash
cd PROJECTS/beginner/network-traffic-analyzer

# Install dependencies
uv sync

# List available interfaces
sudo uv run netanal interfaces

# Capture 50 packets on loopback
sudo uv run netanal capture -i lo -c 50 --verbose

# Analyze an existing pcap file
uv run netanal analyze traffic.pcap --top-talkers 20

# Generate charts
uv run netanal chart traffic.pcap --type all -d ./charts/
```

```
network-traffic-analyzer/
├── src/netanal/
│   ├── capture.py        # Producer-consumer packet capture engine
│   ├── analyzer.py       # Protocol identification and parsing
│   ├── filters.py        # BPF filter builder with validation
│   ├── statistics.py     # Thread-safe stats collector
│   ├── models.py         # Data structures (PacketInfo, Protocol enum)
│   ├── visualization.py  # Matplotlib chart generation
│   ├── export.py         # JSON/CSV export
│   ├── output.py         # Rich console formatting
│   ├── main.py           # Typer CLI commands
│   ├── constants.py      # Configuration values
│   └── exceptions.py     # Custom exception hierarchy
├── tests/
└── pyproject.toml
```

```bash
# Run tests
uv run pytest tests/ -v

# Linting
uv run ruff check .

# Format
uv run ruff format .
```

©AngelaMos | CertGames.com | CarterPerez-dev | 2026