Host-based Deep Packet Inspection for Network Security Analysis
DPiracy is a lightweight DPI (Deep Packet Inspection) tool built with C for high-performance packet capture and Go for real-time visualization. Monitor network traffic, analyze protocols, and track connections with both terminal and web-based dashboards.
- Real-time Packet Capture - Monitor network traffic using libpcap
- Protocol Analysis - HTTP, HTTPS, DNS, TCP, UDP, ICMP detection
- TShark Integration - Deep packet analysis with comprehensive JSON output
- Port Analysis - Device and Server port tracking for network flow analysis
- Domain Resolution - Automatic hostname lookup for IP addresses
- Live Dashboards - Terminal and web-based interfaces with detailed connection views
- Connection Tracking - Active/inactive status with timestamps and packet analysis
- Interactive Analysis - View detailed packet analysis with beautiful JSON formatting
- Silent Mode - Run with
-sflag for quiet operation - Log File Support - Use
-l <logfile>for persistent logging - JSON Export - Structured data output for integration
# Install dependencies
sudo apt-get install libpcap-dev libcjson-dev build-essential cmake golang-go tshark
# Build
mkdir build && cd build && cmake .. && make && cd ..
cd dashboard && go mod tidy && cd ..
# Run
cd build && sudo ./dpiracy -i eth0 # Terminal 1: Packet capture
cd dashboard && go run . -mode web # Terminal 2: Web dashboard
# Open browser to http://localhost:8080- Real-time Statistics - Live packet counts and protocol breakdown
- Connection Table - Device Port, Server Port, and application identification
- Auto-refresh - Configurable update intervals
- Interactive Interface - Modern web-based monitoring
- Connection Details - Click "View" button for analysis (tabs or JSON view)
- TShark Integration - Beautiful JSON packet analysis for 100+ packet connections
- Port Analysis - Clear device/server port identification
- Live Updates - WebSocket-based real-time data
- Automatic TShark Analysis - Triggered every 100 packets
- Comprehensive Reports - Full protocol stack breakdown
- JSON Export - Copy analysis data to clipboard
- Silent Mode - Run with
-sflag for background operation
- Installation Guide - Complete setup instructions for Linux
- Usage Guide - Command-line flags, examples, and workflows
[Network Interface] → [C Engine] → [JSON Files] → [Go Dashboard] → [Terminal/Web UI]
- C Engine: High-performance packet capture and protocol parsing
- Go Dashboard: Real-time visualization with terminal and web interfaces
- JSON Communication: File-based data exchange for modularity
| Platform | Status | Notes |
|---|---|---|
| Linux | Full Support | Primary development platform |
| macOS | Untested | Should work, similar to Linux |
We welcome contributions! This project focuses on:
- Network security analysis and monitoring
- Cross-platform packet inspection tools
- Real-time data visualization
- Educational DPI concepts
Apache License 2.0 - see LICENSE file for details.
Licensed under the Apache License, Version 2.0