
Primary LanguageHTML


The friendly tool for packet analysis and network mapping.

capmap uses scapy, jinja2, and graphviz to provide a map of the network and statistics on who your hosts are talking to.
The script parses each packet in the pcap for the following:

  • Source IP Address
  • Destination IP Address
  • Source MAC Address
  • Destination MAC Address
  • Source Port
  • Destination Port
  • Transport Protocol (TCP/UDP)
  • DNS Queries
  • ICMP echo-requests/echo-replies
  • ARP requests/replies



capmap uses the scapy library to parse through a pcap file.
It parses through TCP, UDP, ICMP, IP, MAC, and ARP data.



capmap uses the jinja2 library to create a HTML template for the statistics output and network visualization.
in main.py:

file_loader = FileSystemLoader('templates')
    env = Environment(loader=file_loader)
    template = env.get_template('capmap.html')
    # render the template and pass in lists for processing in the template
    render = template.render(trans=trans_sorted, ports=port_sorted, dns=dns_queries, arp=arps,      
    # write the completed template to the specified .html file
    filename = os.path.abspath("html/index.html")
    with open(filename, 'w') as f:

in templates/capmap.html:

{% for key, value in packets %}
    <td>{{ key }}</td>
    <td>{{ value }}</td>
{% endfor %}


capmap uses the graphviz library to create a graph of the network hosts and saves it to a .svg file.

Image of Network Graph

net_diagram = Digraph(comment='Network Diagram', format='svg')
net_diagram.attr('node', shape='square')
# initialize list
already_done = []
# zip together source IPs and destination IPs
for address_pair in zip(src_ips, dst_ips):
    if address_pair not in already_done:
        # create nodes for the source IP and destination IP
        # create an edge between the source and destination
        net_diagram.edge(address_pair[0], address_pair[1])
        # append to the list of matched hosts
# render a graph to the specified file


Choose between analyzing an existing pcap or creating a new one.

usage: main.py [-h] (-p pcap | -s) [-n NUM]

capmap outputs a visual and the statistics of a packet capture

optional arguments:
  -h, --help            show this help message and exit
  -p pcap, --pcap pcap  A pcap file
  -s, --scan            Start a packet capture
  -n NUM, --num NUM     Number of packets to capture