2.5.1 macOS 0 0 A native macOS network protocol analyzer for inspecting and exploring .pcap trace files. Cocoa Packet Analyzer (CPA) is a fast, document-based PCAP file analyzer for macOS, built entirely in Swift with a SwiftUI interface designed to feel right at...
Cocoa Packet Analyzer

Cocoa Packet Analyzer

macOS / Utilitaires

Gratuit
Obtenir sur l'App Store

A native macOS network protocol analyzer for inspecting and exploring .pcap trace files.

Cocoa Packet Analyzer (CPA) is a fast, document-based PCAP file analyzer for macOS, built entirely in Swift with a SwiftUI interface designed to feel right at home on the Mac. Open any libpcap-format trace file — the same format produced by tcpdump and the standard set of industry network-analysis tools — and CPA dissects every supported protocol, layer by layer, in a clean four-pane document window:

• A sortable packet list with analyzer-contributed columns
• An outline view showing the full protocol dissection tree
• A hex view that highlights the bytes behind whichever field you select
• A live filter toolbar for narrowing in on exactly what matters

KEY FEATURES
— Follow TCP Stream
Reassemble any bidirectional TCP conversation and switch between four view modes: Conversation (speech bubbles with packet numbers and flags), ASCII transcript, side-by-side hex dump, and a parsed HTTP request / response view.

— Powerful display filtering
A single search field doubles as a token-style query builder with sectioned autocomplete, rich-editor popovers for dates and protocol expressions, nested AND / OR / NOT logic, and a saved-query library — all without leaving the document window. Any filter result can optionally be routed into a new document so the original stays intact.

— Open Selection in New Window
Right-click any packet selection (one or many) and open them in a standalone document with full detail, hex, and filter UI. Save As… / Export… writes a self-contained .pcap that inherits the source's link type and snap length.

— Quick Look + Spotlight integration
A system-wide Quick Look preview shows a summary card (link type, packet count, time range), top protocols and talkers, a packet-rate sparkline, and a packet table — all without opening the app. The bundled Spotlight importer indexes trace metadata so .pcap documents become searchable from Finder and Spotlight.

— Protocol statistics
A one-look summary of any trace: a printable bar chart of protocol distribution alongside file metadata — link type, packet count, byte totals, and time span.

— Printing
Print the packet list, protocol tree, hex view, or statistics chart with progress indication and the standard macOS print accessory panels.

— Localization
Fully localized in English, German, and Japanese.

INCLUDED PROTOCOL ANALYZERS
All analyzers are written in pure Swift and ship as part of the app:

• Link layer — Ethernet II, IEEE 802.11 (RadioTap), Linux cooked (SLL), Loopback, 802.1Q VLAN, MPLS
• PPP & PPPoE — PPP, PPPoE Discovery & Session, LCP, IPCP, IPv6CP, CCP, PAP, CHAP
• Network layer — IPv4, IPv6, ICMP, ICMPv6, IGMP, ARP, IPv6 Mobility, OSPF (RFC 2328), BGP, IPsec ESP
• Transport — TCP (with full options dissection and stream reassembly), UDP, L2TP
• Application & service — DNS, DHCP, DHCPv6, HTTP, HTTP/2 frame dissection (RFC 9113), WebSocket, FTP, SSH, Telnet, SMTP, POP3, IMAP, NNTP, SIP, IAX, SOAP, RADIUS, LDAP, SMB, SNMP

REQUIREMENTS
• macOS 26 or later
• Existing .pcap trace files (libpcap / tcpdump format)

Cocoa Packet Analyzer is the perfect Mac-native companion to any tool that records network traffic — a fast, focused, beautifully integrated way to explore the traces you already have.

En voir plus...

Quoi de neuf dans la dernière version ?

Version 2.5.1
• Requires macOS 26 or later.
• All analyzers ported to pure Swift.
• Added OSPF protocol analyzer (RFC 2328).
• Added HTTP/2 frame dissection (RFC 9113) with a detection toggle.
• Added protocol analyzers: SSH, IAX, SIP, WebSocket, SOAP, BGP, LDAP, SMB, SNMP, Telnet, DNS, IMAP, POP3, SMTP, FTP.
• Added TCP stream reassembly (Follow TCP Stream) with Conversation, ASCII, Hex, and HTTP views.
• Added protocol statistics view with printable charts.
• Added printing support with progress indication.
• Added Open Selection in New Window context menu on the packet table — opens 1..N selected packets in a standalone document window with full detail, hex, and toolbar-filter UI.
• The toolbar filter footer's Open result in new document toggle is now fully wired: committing a filter with it enabled routes the subset into a new document and leaves the current one unchanged.
• Save As… / Export… on selection windows writes a standalone .pcap file and reopens it as a proper document, inheriting the source's link type and snap length.
• Improved hex view selection and display.
• Improved analyzer port customization and reload/clear notifications.
• New Quick Look preview for .pcap files — shows a file summary (link type, packet count, time range), top protocols and talkers, a packet-rate sparkline, and a packet table, without opening the app.
• Spotlight indexing for .pcap files via a new Quick Look Spotlight importer — trace metadata is now searchable from Finder and Spotlight.
• Welcome window: improved button hit area and live refresh of the recents column.
• Fixed toolbar filter item resizing behaviour.
• Help book updates and small UI polish.
• Various bug fixes and performance improvements.

  • Screenshot #1 pour Cocoa Packet Analyzer
  • Screenshot #2 pour Cocoa Packet Analyzer
  • Screenshot #3 pour Cocoa Packet Analyzer