{"id":13642125,"url":"https://github.com/onotelli/justniffer","last_synced_at":"2026-04-02T18:03:39.019Z","repository":{"id":3268860,"uuid":"4308113","full_name":"onotelli/justniffer","owner":"onotelli","description":"Justniffer Just A Network TCP Packet Sniffer. Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate web server log files, track response times and extract all \"intercepted\" files from the HTTP traffic","archived":false,"fork":false,"pushed_at":"2026-03-29T17:16:55.000Z","size":6631,"stargazers_count":224,"open_issues_count":6,"forks_count":59,"subscribers_count":8,"default_branch":"master","last_synced_at":"2026-03-29T17:33:47.605Z","etag":null,"topics":["cli","cpp","cybersecurity","http","linux","network","security","security-tools","sniffer","tcp-ip","tcp-protocol","tcpdump","traffic-analysis"],"latest_commit_sha":null,"homepage":"http://onotelli.github.io/justniffer/","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":"Unmaintained","scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/onotelli.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2012-05-12T16:56:27.000Z","updated_at":"2026-03-29T17:16:58.000Z","dependencies_parsed_at":"2024-03-28T22:44:20.021Z","dependency_job_id":"eb98d757-0551-4ecb-8fd6-88b1b2d21952","html_url":"https://github.com/onotelli/justniffer","commit_stats":{"total_commits":188,"total_committers":3,"mean_commits":"62.666666666666664","dds":0.3191489361702128,"last_synced_commit":"cfa5c097b870abe2e54362d2eeb07fa44326d57e"},"previous_names":[],"tags_count":18,"template":false,"template_full_name":null,"purl":"pkg:github/onotelli/justniffer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onotelli%2Fjustniffer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onotelli%2Fjustniffer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onotelli%2Fjustniffer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onotelli%2Fjustniffer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/onotelli","download_url":"https://codeload.github.com/onotelli/justniffer/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/onotelli%2Fjustniffer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31312744,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","cpp","cybersecurity","http","linux","network","security","security-tools","sniffer","tcp-ip","tcp-protocol","tcpdump","traffic-analysis"],"created_at":"2024-08-02T01:01:27.838Z","updated_at":"2026-04-02T18:03:39.011Z","avatar_url":"https://github.com/onotelli.png","language":"C","funding_links":[],"categories":["Python","\u003ca id=\"7bf0f5839fb2827fdc1b93ae6ac7f53d\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"32739127f0c38d61b14448c66a797098\"\u003e\u003c/a\u003e嗅探\u0026\u0026Sniff"],"readme":"![572190464-b1760d2a-f0ef-4b2b-bfad-2baae3313ffc](https://github.com/user-attachments/assets/298df5ae-a8d4-4b42-b191-3a1262a04137)\n\n\n# Justniffer \n[Project Page](https://onotelli.github.io/justniffer/)\n\n[![License](https://img.shields.io/badge/License-GPLv3-blue.svg)](https://www.gnu.org/licenses/gpl-3.0.en.html)\n[![Platform](https://img.shields.io/badge/Platform-Linux-2ea44f.svg)](https://kernel.org)\n[![Latest Release](https://img.shields.io/github/v/release/onotelli/justniffer?color=b85c00\u0026label=Latest%20Release)](https://github.com/onotelli/justniffer/releases/latest)\n[![Docker Hub](https://img.shields.io/badge/Docker-onotelli%2Fjustniffer-2496ed?logo=docker)](https://hub.docker.com/r/onotelli/justniffer)\n---\n\n## Overview\n\n**Justniffer** is a network TCP packet sniffer and logging tool designed to capture, decode, and analyze TCP/IP traffic with a strong focus on HTTP. Its flexible logging engine allows it to adapt to virtually any TCP‑based protocol, making it useful for debugging, performance analysis, and custom traffic inspection.\n\nJustniffer can decode HTTP requests and responses, extracting:\n\n- Client and server IP addresses \n- Requested URLs \n- HTTP headers \n- Message bodies \n- Timing information (request time, response time, idle time, etc.)\n\nFor non‑HTTP traffic, Justniffer provides a powerful and customizable logging system that allows you to extract any relevant information from the TCP data stream.\n\nPacket capture is performed using **libpcap**, ensuring compatibility with standard capture formats and tools such as `tcpdump`.\n\n---\n\n## Features\n\n- **HTTP request/response decoding** \n- **Customizable log formats** for any TCP‑based protocol \n- **Performance metrics**: request time, response time, idle time, connection time \n\n```mermaid\nsequenceDiagram\n participant Client\n participant Server\n\n %% Connection setup\n Client-\u003e\u003eServer: SYN (connect)\n Note right of Server: %connection.time\n Server--\u003e\u003eClient: SYN/ACK\n Client-\u003e\u003eServer: ACK\n Note right of Server: ESTABLISHED\n\n %% Idle before request\n Note right of Server: %idle.time.0\\n(after connection, before request)\n\n %% Request phase\n Client-\u003e\u003eServer: Request (first packet)\n Server--\u003e\u003eClient: ACK\n\n Client-\u003e\u003eServer: Request (data...)\n Note right of Server: %request.time\n Server--\u003e\u003eClient: ACK\n\n Client-\u003e\u003eServer: Request (last packet)\n Server--\u003e\u003eClient: ACK\n\n %% Response phase\n Note right of Server: %response.time.begin\n\n Server--\u003e\u003eClient: Response (first packet)\n Client-\u003e\u003eServer: ACK\n\n Server--\u003e\u003eClient: Response (data...)\n Note right of Server: %response.time.end\n Client-\u003e\u003eServer: ACK\n\n Server--\u003e\u003eClient: Response (last packet)\n Client-\u003e\u003eServer: ACK\n\n %% Idle after response\n Note right of Server: %idle.time.1\\n(after response, before next request/close)\n\n %% Connection close\n Server--\u003e\u003eClient: CLOSE\n```\n\n\n- **libpcap‑based capture** (live or from `.pcap` files) \n- **Promiscuous mode support** for passive monitoring \n- **Extensible** via external scripts (bash, Python, Perl, ELF binaries) — [Learn more](https://onotelli.github.io/justniffer/EXTENDING) \n- **Reconstructs TCP streams** including reordering, retransmissions, fragmentation \n\n---\n\n# Quick Start\n\n## Install on Ubuntu\n\n```bash\nsudo apt install software-properties-common\nsudo add-apt-repository ppa:oreste-notelli/ppa\nsudo apt update\nsudo apt install justniffer\n```\n\n## Capture HTTP traffic in access‑log style\n\n```bash\njustniffer -i eth0\n```\n\n## Add response time to each log entry\n\n```bash\njustniffer -i eth0 -a \" %response.time\"\n```\n\n## Capture full HTTP requests and responses\n\n```bash\njustniffer -i eth0 -r\n```\n\n## Use a custom log format\n\n```bash\njustniffer -i eth0 -l \"%request.timestamp %source.ip %dest.ip %request.header.host %request.url\"\n```\n\n## Read from a PCAP file\n\n```bash\njustniffer -f file.cap\n```\n\n---\n\n# Examples\n\n### Example 1 — Retrieve HTTP traffic in access‑log format\n\n```bash\njustniffer -i eth0\n```\n\noutput:\n\n```\n192.168.2.2 - - [15/Apr/2009:17:19:57 +0200] \"GET /sflogo.php?group_id=205860\u0026type=2 HTTP/1.1\" 200 0 \"\" \"Mozilla/5.0 ...\"\n...\n```\n\n---\n\n### Example 2 — Append additional fields (e.g., HTTP response time)\n\n```bash\njustniffer -i eth0 -a \" %response.time\"\n```\n\noutput:\n\n```\n192.168.2.5 - - [22/Apr/2009:22:27:36 +0200] \"GET /sflogo.php?group_id=205860\u0026type=2 HTTP/1.1\" ... 0.427993\n...\n```\n\n---\n\n### Example 3 — Capture all TCP traffic \n(add `-u` or `-x` to encode unprintable characters)\n\n```bash\njustniffer -i eth0 -r\n```\n\noutput:\n\n```\nGET /doc/maint-guide/ch-upload.en.html HTTP/1.1\nHost: www.debian.org\n...\n```\n\n---\n\n### Example 4 — Define a completely custom log format\n\n```bash\njustniffer -i eth0 -l \"%request.timestamp %source.ip %dest.ip %request.header.host %request.url\"\n```\n\noutput:\n\n```\n06/28/11 13:30:48 192.168.2.2 72.14.221.118 i1.ytimg.com /vi/TjSk6CVN5LY/default.jpg\n...\n```\n\n---\n\n### Example 5 — Read from a capture file\n\n```bash\njustniffer -f /file.cap\n```\n\n---\n\n# Documentation\n\nFull documentation, advanced examples, and usage guides: \n👉 **https://onotelli.github.io/justniffer/**\n\n---\n\n# Contributing\n\nPull requests, bug reports, and feature suggestions are welcome.\n\n---\n\n# License\n\nJustniffer is released under the **GPLv3** license.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fonotelli%2Fjustniffer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fonotelli%2Fjustniffer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fonotelli%2Fjustniffer/lists"}