Best Packet Analyzers for Mac

Capture all HTTP(S) traffic between your computer and the Internet with Telerik Fiddler HTTP(S) proxy. Inspect traffic, set breakpoints, and fiddle with requests & responses. Fiddler Everywhere is a web debugging proxy for macOS, Windows, and Linux. Capture, inspect, monitor all HTTP(S) traffic between your computer and the Internet, mock requests, and diagnose network issues. Fiddler Everywhere can be used for any browser, application, process. Debug traffic from macOS, Windows, or Linux systems and iOS or Android mobile devices. Ensure the proper cookies, headers, and cache directives are transferred between the client and server. Supports any framework, including .NET, Java, Ruby, etc. Mock or modify requests and responses on any website. It’s a quick and easy way to change the request and responses to test websites without changing code. Use Fiddler Everywhere to log all HTTP/S traffic between your computer and the Internet.

Tcpdump is a powerful command-line packet analyzer that allows users to display the contents of network packets transmitted or received over a network to which the computer is attached. It operates on most Unix-like systems, including Linux, Solaris, FreeBSD, NetBSD, OpenBSD, and macOS, utilizing the libpcap library for network traffic capture. Tcpdump can read packets from a network interface card or from a previously created saved packet file, and it provides options to write packets to standard output or a file. Users can apply BPF-based filters to limit the number of packets processed, enhancing usability on networks with high traffic volumes. The tool is distributed under the BSD license, making it free software. In many operating systems tcpdump is available as a native package or port, which simplifies installation of updates and long-term maintenance.

Arkime is an open source, large-scale, full packet capturing, indexing, and database system designed to augment existing security infrastructure by storing and indexing network traffic in standard PCAP format. It offers full network visibility, facilitating the swift identification and resolution of security and network issues. Security teams gain access to the necessary network visibility data essential for responding to and investigating incidents to expose the full attack scope. Designed to be deployed across multiple clustered systems, Arkime provides the ability to scale to hundreds of gigabits per second. It allows security analysts to respond, reconstruct, investigate, and confirm information about the threats within your network, enabling appropriate responses quickly and precisely. As an open-source platform, Arkime provides users with the benefits of transparency, cost-effectiveness, flexibility, and community support.

Sniffnet is a network monitoring tool designed to help users easily keep track of their Internet traffic. Whether gathering statistics or inspecting in-depth network activities, Sniffnet provides comprehensive coverage. It emphasizes user experience, ensuring ease of use compared to other cumbersome network analyzers. Completely free and open source, Sniffnet is dual-licensed under MIT or Apache-2.0, with the full source code available on GitHub. Developed entirely in Rust, it leverages this modern programming language to build efficient and reliable software, emphasizing performance and safety. Key features include selecting a network adapter to inspect, applying filters to observed traffic, viewing overall statistics and real-time charts of Internet traffic, exporting comprehensive capture reports as PCAP files, identifying over 6,000 upper-layer services, protocols, trojans, and worms, discovering domain names and ASNs of hosts, pinpointing connections in the local network.

Omnipeek® delivers visual packet intelligence with sophisticated deep packet analysis for faster mean time to resolution of network and security issues. Enterprises and service providers depend on reliable network performance. Configuration errors, network or application faults, and security attacks can jeopardize operations, user experience, and the bottom line. To keep networks performing optimally, engineers need to be able to continuously monitor their networks and quickly troubleshoot problems wherever they occur. They need real-time analysis for every type of network segment—1/10/40/100 Gigabit, 802.11, and voice and video over IP—and for every level of network traffic. Omnipeek, a best-in-class suite of network analytics software, delivers intuitive visualization and effective forensics for faster resolution of network and application performance issues and security investigations. Omnipeek builds on years of LiveAction packet intelligence with customizable workflows.