TripleaWire is a network traffic capture and analysis tool. It captures network traffic and analyzes it in real time. The core is written in Go and the UI in React.
- Capture network traffic in real time (only TCP and ICMP packets are supported for now).
- Show packet details in a human-readable format.
- Trigger alerts based on packet data.
  The core can be configured to trigger alerts based on packet data. For example, it can trigger an alert when a packet with a specific IP address is detected. This can be used to detect, for example, whether a computer on the network is trying to access a restricted website.
- WebSocket server to stream packets to the UI.
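The alert feature described above, sketched as an added example that is not TripleaWire's own code: a Go function that reads a raw IPv4 header and returns an alert when the source or destination address falls inside a watched prefix. `Alert`, `CheckPacket`, `watchlist` and `samplePacket` are hypothetical names and constructed data; the project's actual rule format is not shown on this page.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
)

// Alert is a hypothetical result type, not TripleaWire's own.
type Alert struct {
	Proto    string
	Src, Dst netip.Addr
	Rule     netip.Prefix
}

// The README lists TCP and ICMP as the only supported protocols.
var protoNames = map[byte]string{1: "ICMP", 6: "TCP"}

// Hypothetical watchlist using a documentation-only address range.
var watchlist = []netip.Prefix{netip.MustParsePrefix("203.0.113.0/24")}

// Constructed sample: 20-byte IPv4 header, TCP, 192.168.1.10 -> 203.0.113.7.
var samplePacket = []byte{0x45, 0, 0, 20, 0, 1, 0x40, 0, 64, 6, 0, 0,
	192, 168, 1, 10, 203, 0, 113, 7}

// CheckPacket returns an Alert when src or dst falls inside a watched prefix.
func CheckPacket(pkt []byte, watch []netip.Prefix) (*Alert, error) {
	if len(pkt) < 20 || pkt[0]>>4 != 4 {
		return nil, errors.New("not a complete IPv4 header")
	}
	if ihl := int(pkt[0]&0x0f) * 4; ihl < 20 || len(pkt) < ihl {
		return nil, errors.New("invalid header length")
	}
	proto, ok := protoNames[pkt[9]]
	if !ok {
		return nil, nil // protocol outside the supported set, no alert
	}
	src, _ := netip.AddrFromSlice(pkt[12:16])
	dst, _ := netip.AddrFromSlice(pkt[16:20])
	for _, p := range watch {
		if p.Contains(src) || p.Contains(dst) {
			return &Alert{proto, src, dst, p}, nil
		}
	}
	return nil, nil
}

func main() {
	if a, _ := CheckPacket(samplePacket, watchlist); a != nil {
		fmt.Printf("ALERT %s %s -> %s (rule %s)\n", a.Proto, a.Src, a.Dst, a.Rule)
	}
}
```

Matching on prefixes rather than single addresses lets one rule cover a whole restricted range.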
- Install Go: Download and install Go from here.
- Clone Repository: Clone the TripleaWire repository.
    git clone https://github.com/kraaakilo/tripleawire.git
- Build Core Project: Navigate to the core directory and run the following command to build the core project.
    cd tripleawire/core
    go build
- Start Websocket Server: Run the following command to start the core websocket server.
    ./triplewire --interface interface-to-use --mode web
  Optionally, you can run the following command to start the core in CLI mode.
    ./triplewire --interface interface-to-use --mode cli
Install Node and pnpm: Ensure you have Node.js and pnpm installed on your machine.
-
Clone Repository: Clone the TripleaWire repository.
git clone https://github.com/kraaakilo/tripleawire.git
-
Install Dependencies: Navigate to the UI directory and install dependencies.
cd tripleawire/ui pnpm install
-
Start UI: Run the following command to start the UI.
pnpm dev
- Caution: Since the project is still in development, it's advisable to use it with caution.
- Administrator Privileges: Run the program as an administrator to allow network traffic capture.
The provided guide should help users get started with setting up and running TripleaWire for network traffic analysis.