WireEdit is first-of-a-kind and the only full stack cross-platform WYSIWYG network packets editor. It allows editing packets data at all stack layers as “rich text” in a simple point-and-click interface. The input and output format is Pcap.
Yes, but it’s just a tiny fraction of WireEdit capabilities. WireEdit at its core is about editing the packets’ data itself, including the application stack layers _ above _ TCP/UDP/SCTP.
Strictly speaking, Pcap is just a wrapper format for holding captured packets binaries. While some Pcap metadata (timestamps for example) editing is supported by WireEdit for user convenience, it’s generally not the main focus of the development. Network packets carry all kinds of sensitive data, including login credentials, crypto keys, private text messages, etc. In fact, data carried by any packet field can be considered sensitive in some context. How could one quickly scrub the sensitive data from a pcap file, while keeping the structure and integrity of the packets otherwise intact?
You need a full stack packet editor. WireEdit is the only one.
Ethernet, IPv4, IPv6, UDP, TCP, SCTP, ARP, RARP, DHCP, DHCPv6, ICMP, ICMPv6, IGMP, DNS, LLDP, RSVP, FTP, NETBIOS, GRE, IMAP, POP3, RTCP, RTP, SSH, TELNET, NTP, LDAP, XMPP, VLAN, VXLAN, CIFS/SMB v1 (original), BGP, OSPF, SMB3, iSCSI, SCSI, HTTP/1.1, HTTP2, OpenFlow 1.0-1.4, SIP, SDP, MSRP, MGCP, MEGACO (H.248), H.245, H.323, CISCO Skinny, Q.931/H.225, SCCP, SCMG, SS7 ISUP, TCAP, GSM MAP R4, GSM SM-TP, M3UA, M2UA, M2PA, CAPWAP, IEEE 802.11, SMPP, TLS, more to come…