network | MARCH 23, 2024

TripleaWire : Network Traffic Capture and Analysis Tool

By kraaakilo

TripleaWire : Capture your network traffic and analyze it.

TripleaWire is a network traffic capture and analysis tool. It is designed to capture network traffic and trigger alerts on it in real time. The tool is built using Go for the core and React for the UI.

Main Goal of the Project

The main goal of the project is to provide a simple, easy-to-use tool for network traffic analysis that is user-friendly and easy to set up. It can be used by network administrators, security professionals, and anyone who wants to analyze network traffic. All of this is done in real time, and the tool has both a CLI and a Web UI for the user to interact with.

Features

  • Capture network traffic in real-time (Only TCP and ICMP packets are supported for now.)

  • Show packet details in a human-readable format.

  • Trigger alerts based on packet data.

    The core can be configured to trigger alerts based on packet data. For example, it can be configured to trigger an alert when a packet with a specific IP address is detected. This can be used, for example, to detect whether a computer on the network is trying to access a restricted website.

  • Websocket server to stream packets to the UI.
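
The IP-based alert feature described above, sketched as an added example (not TripleaWire's own code): it parses a raw IPv4 header with the Go standard library and flags TCP or ICMP packets whose source or destination is on a watchlist. The names `Alert`, `checkPacket` and `samplePacket`, and the addresses used, are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
)

// Alert is a hypothetical result type for this example.
type Alert struct {
	Src, Dst netip.Addr
	Proto    string
}

// checkPacket parses a raw IPv4 header and returns an Alert when the source or
// destination is on the watchlist. Only ICMP (1) and TCP (6) are inspected.
func checkPacket(pkt []byte, watch map[netip.Addr]bool) (*Alert, error) {
	if len(pkt) < 20 || pkt[0]>>4 != 4 {
		return nil, fmt.Errorf("not an IPv4 packet")
	}
	if ihl := int(pkt[0]&0x0f) * 4; ihl < 20 || len(pkt) < ihl {
		return nil, fmt.Errorf("bad or truncated IPv4 header")
	}
	proto, ok := map[byte]string{1: "ICMP", 6: "TCP"}[pkt[9]]
	if !ok {
		return nil, nil // other protocols are ignored, not errors
	}
	var s, d [4]byte
	copy(s[:], pkt[12:16]) // source address field
	copy(d[:], pkt[16:20]) // destination address field
	src, dst := netip.AddrFrom4(s), netip.AddrFrom4(d)
	if watch[src] || watch[dst] {
		return &Alert{src, dst, proto}, nil
	}
	return nil, nil
}

// samplePacket builds a constructed 20-byte IPv4 header (no payload, checksum 0).
func samplePacket(proto byte, src, dst [4]byte) []byte {
	p := make([]byte, 20)
	p[0], p[8], p[9] = 0x45, 64, proto // version 4, IHL 5, TTL 64
	copy(p[12:], src[:])
	copy(p[16:], dst[:])
	return p
}

func main() {
	watch := map[netip.Addr]bool{netip.MustParseAddr("203.0.113.10"): true}
	pkt := samplePacket(6, [4]byte{192, 168, 1, 20}, [4]byte{203, 0, 113, 10})
	if a, _ := checkPacket(pkt, watch); a != nil {
		fmt.Printf("ALERT %s %s -> %s\n", a.Proto, a.Src, a.Dst)
	}
}
```
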

Here is a sample of the UI:

[Image: TripleaWire UI]

Running the Core Project:

  1. Install Go: Download and install Go from here.

  2. Clone Repository: Clone the TripleaWire repository.

    git clone https://github.com/kraaakilo/tripleawire.git
    
  3. Build Core Project: Navigate to the core directory and run the following command to build the core project.

    cd tripleawire/core
    go build
    
  4. Start Websocket Server: Run the following command to start the core websocket server.

    ./triplewire --interface interface-to-use --mode web
    

    Optionally, you can run the following command to start the core in CLI mode.

    ./triplewire --interface interface-to-use --mode cli
    

Running the UI:

  1. Install Node and pnpm: Ensure you have Node.js and pnpm installed on your machine.

  2. Clone Repository: Clone the TripleaWire repository.

    git clone https://github.com/kraaakilo/tripleawire.git
    
  3. Install Dependencies: Navigate to the UI directory and install dependencies.

    cd tripleawire/ui
    pnpm install
    
  4. Start UI: Run the following command to start the UI.

    pnpm dev
    

Important Note:

  • Caution: Since the project is still in development, it's advisable to use it with caution.
  • Administrator Privileges: Run the program as an administrator to allow network traffic capture.

The provided guide should help users get started with setting up and running TripleaWire for network traffic analysis.
