OT PCAP Analyzer: Free PCAP analysis tool

EmberOT’s OT PCAP Analyzer, developed for the industrial security community, is a free tool providing a high-level overview of the devices and protocols in packet capture files.


“The OT PCAP Analyzer was designed specifically with critical OT environments in mind. We’ve created a novel set of engines to gather and analyze network traffic at speed with unparalleled accuracy. This allows the free PCAP Analyzer to quickly identify OT devices, protocols, and how those elements interact. We stream this data in real-time so the user can begin reviewing results while a .pcap or .pcapng is being processed,” Jori VanAntwerp, CEO of EmberOT, told Help Net Security.

OT PCAP Analyzer: Key features

  • Intuitive UX to streamline the analysis process.
  • Unique dissectors provide more detailed and specific packet analysis.
  • View device metadata like IP addresses, vendor name, class (IT/OT), and subclass type (e.g., workstation, PLC).
  • Gain deeper insights into protocol communications and their directions.
  • Network traffic visualizations and maps of device communications.
  • Filter device view by protocol, CIDR, or manufacturer.

“The information provided in the tool allows users to preview the data they’re gathering, the data flow, and throughput information. This will enable teams to ensure they’re deploying in the correct area, and it also assists with correct resource sizing,” VanAntwerp added.

New developments

OT PCAP Analyzer was recently updated. Version 0.1.4 introduces performance enhancements, improved error handling, and support for the PCAP Next Generation (PCAPng) file type.

The tool now accommodates the .pcapng file format, which enables processing more detailed packet information. This includes metadata, drop counters, DNS records, and annotations, providing users with a more comprehensive view of network activity.

The tool’s performance improvements and refined error handling ensure users can conduct seamless and efficient PCAP analysis, regardless of file size or complexity.

OT PCAP Analyzer is available for free here.
