PCAPdroid - network monitor

PCAPdroid is a privacy-friendly open source app which lets you track, analyze and block the connections made by the other apps in your device. It also allows you to export a PCAP dump of the traffic, extract metadata and much more!

PCAPdroid simulates a VPN in order to capture the network traffic without root. It does not use a remote VPN server. All the data is processed locally on the device.

Features:

- Log and examine the connections made by user and system apps

- Extract the SNI, DNS query, HTTP URL and the remote IP address

- Inspect HTTP requests and replies thanks to the built-in decoders

- Inspect the full connections payload as hexdump/text and export it

- Decrypt the HTTPS/TLS traffic and export the SSLKEYLOGFILE

- Dump the traffic to a PCAP file, download it from a browser, or stream it to a remote receiver for real time analysis (e.g. wireshark)

- Create rules to filter out the good traffic and easily spot anomalies

- Identify the country and ASN of remote server via offline db lookups

- On rooted devices, capture the traffic while other VPN apps are running

Paid features:

- Firewall: create rules to block individual apps, domains and IP addresses

- Malware detection: detect malicious connections by using third-party blacklists

If you plan to use PCAPdroid to perform packet analysis, please check out

of the manual.

on telegram to discuss and receive updates on the latest features.