WHAT IS IT?
Sniffnet is a cross-platform desktop application written in Rust that monitors network traffic on your machine in real time. It sits in a sweet spot between command-line tools like tcpdump and heavyweight analyzers like Wireshark, for when you just want to quickly understand what's happening on a network interface.
WHY IS IT INTERESTING?
- Polished GUI: live charts, aggregated stats and dynamic filters - no need to learn cryptic BPF syntax.
- Service identification: recognizes 6000+ upper-layer protocols, plus signatures for known trojans and worms.
- Host geolocation: shows source and destination country for each connection, handy for spotting suspicious outbound traffic.
- PCAP friendly: import and export .pcap files for offline analysis in Wireshark or sharing with a teammate.
- Notifications and blacklists: customizable alerts on traffic thresholds or connections to known-bad IPs.
- Cross-platform and lightweight: single binary for Linux, macOS and Windows, with no heavy runtime dependency.
USE CASES
- Diagnose unexpected bandwidth consumption on a workstation.
- Quickly spot outbound connections to unexpected destinations (exfiltration, malware).
- Learn to read network traffic on a machine without Wireshark's steep learning curve.
- Capture a .pcap sample to hand off to a SecOps team for deeper analysis.
