BLOG     |     FORUM

Unsniff Network Analyzer

Unsniff main window

Analyze live traffic or pcap files

Monitor packets, PDUs, flows, and content

Write your own tools in Ruby

Remote analysis via Trisul


  • SSL/TLS Decryption
  • HTTP complete page reconstruction
  • H.323/SIP/IAX2 playback
  • SMB/CIFS File extraction
  • More

Download Unsniff

Secure order Unsniff

Content aware analysis

View network traffic, how it appears at different layers :

  • View reconstructed "user objects"  like HTML, Voice conversations, images
  • Automatically monitor whole TCP sessions
  • View reassembled PDUs, not just link layer packets
  • Statistics and conversations
  • Decrypt TLS if you possess the private key
  • Easily extensible

Two interfaces

A graphical interface that is designed for beginners. All fields are drawn as a protocol diagram with help tooltips. Just hover your move over any field to view a description of the field.  Read more

Protocol field bubble help

A scripting interface designed to automate analysis. You can write scripts in Ruby or VBScript and either run them stand alone or attach them to menus. Read more

Scripting in Ruby

Distributed analysis with Trisul

Unsniff 2.0 can connect securely to Trisul. This allows you to perform drill down network analysis without having to haul large packet dumps across your network.

Trisul integration