E
eigen-vector
Guest
Hey all, I built babyshark, a terminal UI for PCAPs aimed at people who find Wireshark powerful but overwhelming.
The goal is “PCAPs for humans”: Overview dashboard answers what’s happening + what to click next
Domains view (hostnames first) → select a domain → jump straight to relevant flows (works even when DNS is encrypted/cached by using observed IPs from flows)
Weird stuff view surfaces common failure/latency signals (retransmits/out-of-order hints, resets, handshake issues, DNS failures when visible)
From there you can drill down: Flows → Packets → Explain (plain-English hints) / follow stream
Commands: Offline: babyshark --pcap capture.pcap
Live (requires tshark): babyshark --list-ifaces then babyshark --live en0
Repo + v0.1.0 release: https://github.com/vignesh07/babyshark
Would love feedback on UX + what “weird detectors” you’d want next.
Comments URL: https://news.ycombinator.com/item?id=47128535
Points: 59
# Comments: 30
The goal is “PCAPs for humans”: Overview dashboard answers what’s happening + what to click next
Domains view (hostnames first) → select a domain → jump straight to relevant flows (works even when DNS is encrypted/cached by using observed IPs from flows)
Weird stuff view surfaces common failure/latency signals (retransmits/out-of-order hints, resets, handshake issues, DNS failures when visible)
From there you can drill down: Flows → Packets → Explain (plain-English hints) / follow stream
Commands: Offline: babyshark --pcap capture.pcap
Live (requires tshark): babyshark --list-ifaces then babyshark --live en0
Repo + v0.1.0 release: https://github.com/vignesh07/babyshark
Would love feedback on UX + what “weird detectors” you’d want next.
Comments URL: https://news.ycombinator.com/item?id=47128535
Points: 59
# Comments: 30