{"id":13657739,"url":"https://github.com/caesar0301/http-sniffer","last_synced_at":"2025-10-05T13:36:53.351Z","repository":{"id":5740262,"uuid":"6952546","full_name":"caesar0301/http-sniffer","owner":"caesar0301","description":"A multi-threading tool to sniff TCP flow statistics and embedded HTTP headers from PCAP file. Each TCP flow carrying HTTP is exported to text file in json format.","archived":false,"fork":false,"pushed_at":"2025-07-10T04:36:24.000Z","size":1443,"stargazers_count":190,"open_issues_count":1,"forks_count":48,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-07-12T15:36:33.292Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://caesar0301.github.io/http-sniffer","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/caesar0301.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES","contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2012-12-01T09:58:46.000Z","updated_at":"2025-07-10T04:33:38.000Z","dependencies_parsed_at":"2025-07-12T15:22:29.069Z","dependency_job_id":"6ba63187-baa4-4fc5-9882-822fcb78ce1e","html_url":"https://github.com/caesar0301/http-sniffer","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/caesar0301/http-sniffer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fhttp-sniffer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fhttp-sniffer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fhttp-sniffer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fhttp-sniffer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/caesar0301","download_url":"https://codeload.github.com/caesar0301/http-sniffer/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fhttp-sniffer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278464306,"owners_count":25991176,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-05T02:00:06.059Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T05:00:50.106Z","updated_at":"2025-10-05T13:36:53.318Z","avatar_url":"https://github.com/caesar0301.png","language":"C","funding_links":[],"categories":["C","\u003ca id=\"7bf0f5839fb2827fdc1b93ae6ac7f53d\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"32739127f0c38d61b14448c66a797098\"\u003e\u003c/a\u003e嗅探\u0026\u0026Sniff"],"readme":"# http-sniffer\n\nA multi-threading tool to sniff HTTP header records beyond TCP flow statistics.\n\n**MIT licensed.**\n\n## Features\n\n* Live network interface and offline PCAP file capture\n* Multi-threading for high-performance traffic analysis\n* TCP flow statistics export\n* HTTP request/response pair extraction\n* JSON and CSV output formats\n\n## Quick Start\n\n```bash\n# Install dependencies\nsudo apt-get install cmake libpcap-dev libjson-c-dev build-essential  # Ubuntu/Debian\nbrew install cmake libpcap json-c  # macOS\n\n# Build and run\nmake\n./bin/http-sniffer -i \u003cinterface\u003e\n```\n\n## Build\n\n```bash\nmake                # Standard build\nmake debug          # Debug build\nmake nfm            # With NFM support\nmake clean-build    # Clean then build\nmake test           # Run unit tests\nmake test-debug     # Build debug and run tests\n```\n\n## Usage\n\n```bash\n# Live capture\n./bin/http-sniffer -i en0\n\n# PCAP file analysis\n./bin/http-sniffer -r capture.pcap\n\n# Save to JSON\n./bin/http-sniffer -i en0 -o output.json\n```\n\n## Output\n\n### CSV Format\n```csv\n[20120921 16:40:09]10.187.179.28:53196--\u003e180.149.134.229:80 1335164797.208360 0.0 0.0 167 5/3 0/0 0 0\n```\n\n### JSON Format\n```json\n{\n    \"t_r\": \"2025-07-10T11:25:05\",\n    \"sa\": \"1.2.3.4\",\n    \"da\": \"4.3.2.1\",\n    \"sp\": 54180,\n    \"dp\": 80,\n    \"synt\": 1752117904.8173649,\n    \"fbt\": 1752117904.830142,\n    \"lbt\": 1752117904.8638189,\n    \"rtt\": 162,\n    \"spkts\": 9,\n    \"dpkts\": 24,\n    \"spl\": 52,\n    \"dpl\": 30028,\n    \"fc\": 0,\n    \"pcnt\": 1,\n    \"pairs\": [\n        {\n            \"req\": {\n                \"fbt\": 1752117904.830142,\n                \"lbt\": 1752117904.830142,\n                \"totlen\": 52,\n                \"bdylen\": 0,\n                \"ver\": 1,\n                \"mth\": \"GET\",\n                \"host\": \"www.baidu.com\",\n                \"uri\": \"\\/\",\n                \"accept\": \"*\\/*\"\n            },\n            \"res\": {\n                \"fbt\": 1752117904.8458209,\n                \"lbt\": 1752117904.863394,\n                \"totlen\": 30497,\n                \"bdylen\": 29506,\n                \"ver\": 1,\n                \"sta\": 200,\n                \"server\": \"BWS\\/1.1\",\n                \"dat\": \"Thu, 10 Jul 2025 03:25:04 GMT\",\n                \"accept_ranges\": \"bytes\",\n                \"contyp\": \"text\\/html\",\n                \"conlen\": \"29506\"\n            }\n        }\n    ]\n}\n```\n\n## Dependencies\n\n* [libpcap](http://www.tcpdump.org/) - Packet capture\n* [json-c](https://github.com/json-c/json-c) - JSON parsing\n* [CMake](https://cmake.org/) - Build system\n* [Google Test](https://github.com/google/googletest) - Unit testing (optional)\n\n**Note:** If you encounter `json-c` unused params errors on Linux, try the [alternative version](https://github.com/phalcon/json-c).\n\n## Author\n\nXiaming Chen \u003cchenxm35@gmail.com\u003e  \nSJTU, Shanghai, China\n2012-04-01\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcaesar0301%2Fhttp-sniffer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcaesar0301%2Fhttp-sniffer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcaesar0301%2Fhttp-sniffer/lists"}