GitHub - aaptel/qtwirediff: Debugging tool to diff network traces via wireshark

aaptel / qtwirediff Public

Notifications You must be signed in to change notification settings
Fork 13
Star 78

Debugging tool to diff network traces via wireshark

78 stars 13 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 44 Commits
.github/workflows		.github/workflows
dtl		dtl
LICENSE		LICENSE
README		README
diff.cpp		diff.cpp
diff.h		diff.h
difffilterlist.cpp		difffilterlist.cpp
difffilterlist.h		difffilterlist.h
difflinedelegate.cpp		difflinedelegate.cpp
difflinedelegate.h		difflinedelegate.h
difftreemodel.cpp		difftreemodel.cpp
difftreemodel.h		difftreemodel.h
difftreeview.cpp		difftreeview.cpp
difftreeview.h		difftreeview.h
diffview.cpp		diffview.cpp
diffview.h		diffview.h
keyeventfilter.cpp		keyeventfilter.cpp
keyeventfilter.h		keyeventfilter.h
main.cpp		main.cpp
mainwindow.cpp		mainwindow.cpp
mainwindow.h		mainwindow.h
mainwindow.ui		mainwindow.ui
qtwirediff.pro		qtwirediff.pro
session.cpp		session.cpp
session.h		session.h
sessionitem.cpp		sessionitem.cpp
sessionitem.h		sessionitem.h
trace.cpp		trace.cpp
trace.h		trace.h
tracemodel.cpp		tracemodel.cpp
tracemodel.h		tracemodel.h
traceview.cpp		traceview.cpp
traceview.h		traceview.h
traceview.ui		traceview.ui

Repository files navigation

qtwirediff
==========

WireDiff is a debugging tool to diff network traffic leveraging
Wireshark.

Wirediff lets you open 2 network traces packets side-by-side. You can
select a packet from each trace and diff their content at the protocol
level you want.

This is a rewrite of an older tool smbcmp [1] made more generic
(smbcmp only dealt with SMB traffic).

WireDiff is licensed under the GPLv3 and originally written by
Aurélien Aptel <aurelien.aptel@gmail.com>. See LICENSE for more
details.

1: https://smbcmp.github.io


Building
========

This project uses is based on qmake:

$ qmake-qt5 && make

Alternatively you can open the .pro file in QtCreator and build from
there.


Running
========
WireDiff reads standard PCAP files. It requires "tshark" on the path.