PCAP Sentry

industrial-dave · industrial-dave.PCAP-Sentry

Learn Malware Network Traffic Analysis - Beginner-friendly educational tool

PCAP Sentry is a beginner-friendly educational tool for learning to identify malware network traffic patterns. It analyzes network packet captures (.pcap / .pcapng) and teaches you how to recognize suspicious activity with clear explanations and hands-on practice.

Features:
- Beginner-focused explanations for understanding suspicious network traffic
- Risk scoring (0-100) to learn which patterns indicate malicious behavior
- Behavioral detection for beaconing, DNS tunneling, port scanning, data exfiltration
- Real-world threat intelligence integration (OTX, URLhaus, AbuseIPDB)
- AI-powered guidance with local LLM chat support
- Credential extraction learning from unencrypted protocols
- C2 pattern detection and Wireshark filter generation
- Trainable knowledge base for building malware signature libraries
- Works offline with local models and threat databases

winget install --id industrial-dave.PCAP-Sentry --exact --source winget

Latest 2026.2.17.2

Release Notes

What's New: • CI Fix: Suppress Bandit B608 false positive for batch script creation - all security scans now pass

Installer type: inno

Architecture Scope Download SHA256
x64 Download BFAF4D6C7655B477D0A8D7755DFD1DA998A4E5233E2F79949911CF26EEC2CD84

Details

Homepage
https://github.com/industrial-dave/PCAP-Sentry
License
GPL-3.0
Publisher
industrial-dave
Support
https://github.com/industrial-dave/PCAP-Sentry/issues
Copyright
Copyright (C) 2026 industrial-dave
Moniker
pcap-sentry

Tags

pcap, network-analysis, malware-analysis, cybersecurity, network-security, packet-analysis, security, threat-intelligence, scapy, educational, machine-learning, wireshark