Network
Analyzer
Real-time packet capture and threat detection. Run the pcap-agent binary then connect here to see your network traffic live.
[ − SETUP ]
// prerequisites · installation · usage
// prerequisites
Linux
sudo apt-get install -y libpcap-dev
// must run with sudo
macOS
brew install libpcap
// must run with sudo
// installation
// option 1 — download binary (recommended)
| Platform | File |
|---|---|
| Linux (amd64) | pcap-agent-linux-amd64 |
| Windows (amd64) | pcap-agent-windows-amd64.exe |
| macOS (Intel) | pcap-agent-darwin-amd64 |
| macOS (Apple Silicon) | pcap-agent-darwin-arm64 |
// option 2 — build from source
git clone https://github.com/Ahlyx/pcap-agent.git
cd pcap-agent
go build -o pcap-agent ./cmd/agent
// usage
// list available network interfaces
sudo ./pcap-agent list-interfaces
// start capturing on default interface (local mode)
sudo ./pcap-agent start
// capture on a specific interface
sudo ./pcap-agent start --interface eth0
// use a custom local WebSocket port
sudo ./pcap-agent start --port 8888
// relay mode — stream to ahlyxlabs.com/pcap?session=<id>
sudo ./pcap-agent start --relay
// modes
local (default)
Opens a WebSocket on localhost:7777. The browser connects directly — zero data leaves your machine. Agent and browser must run on the same machine.
relay
Streams captured data through api.ahlyxlabs.com. The agent prints a session ID on start — open ahlyxlabs.com/pcap?session=<id> in any browser to connect remotely.
// live packet flow
| TIME | SRC | DST | PORT | PROTO | BYTES |
|---|
// alerts
// no alerts detected
// dns queries
| TIME | SRC | QUERY | TYPE | RESPONSE |
|---|
// threat enrichment
// no enrichment results yet