industrial-dave.PCAP-Sentry
Learn Malware Network Traffic Analysis - Beginner-friendly educational tool
$ winget install --id industrial-dave.PCAP-Sentry --exact --version 2026.2.17.2
Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.
PCAP Sentry is a beginner-friendly educational tool for learning to identify malware network traffic patterns. It analyzes network packet captures (.pcap / .pcapng) and teaches you how to recognize suspicious activity with clear explanations and hands-on practice.
Features:
- Beginner-focused explanations for understanding suspicious network traffic
- Risk scoring (0-100) to learn which patterns indicate malicious behavior
- Behavioral detection for beaconing, DNS tunneling, port scanning, data exfiltration
- Real-world threat intelligence integration (OTX, URLhaus, AbuseIPDB)
- AI-powered guidance with local LLM chat support
- Credential extraction learning from unencrypted protocols
- C2 pattern detection and Wireshark filter generation
- Trainable knowledge base for building malware signature libraries
- Works offline with local models and threat databases
| Architecture | Type | Scope | Install | Download |
|---|---|---|---|---|
| x64 | inno | machine | Direct |