PCAPdroid
127.0.0.1
1234
%1$s:%2$d
%1$s (%2$s)
SNI
URL
WHOIS
System ID
PCAPdroid is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License or later for
more details
Open Source Licenses:
\n\n
- zdtun: GPL-3.0\n\n
- nDPI: LGPL-3.0\n\n
- CustomActivityOnCrash: Apache-2.0\n\n
- Gson: Apache-2.0\n\n
- Brotli decoder: MIT\n\n
- mitmproxy: MIT\n\n
- MaxMind DB Reader: Apache-2.0\n\n
- FlagKit: MIT\n\n
- IP Geolocation by DB-IP\n\n
- AppIntro: Apache-2.0\n\n
- Font Awesome: Licenses\n\n
- App icon by Freepik from flaticon\n\n
- SourceCodePro font: OFL-1.1\n\n
IPProto,SrcIP,SrcPort,DstIp,DstPort,UID,App,Proto,Status,Info,BytesSent,BytesRcvd,PktsSent,PktsRcvd,FirstSeen,LastSeen
Start
Stop
Settings
UDP collector: %1$s:%2$d
HTTP server: http://%1$s:%2$d
%1$s received — %2$s sent
Query
Host
Target app
Ready
About
Status
Connections
No connections
Connection details
App
Protocol
Source
Destination
Packets
Duration
HTTP server
UDP exporter
No dump
Traffic will not be dumped
Start an HTTP server for the PCAP download
Sends the PCAP to a remote UDP receiver
HTTP server port
Collector IP address
Collector port
Traffic dump
User guide
Telegram group
Source code
Yes
No
Could not set up the VPN
Could not find the "%1$s" app
Stats
Active connections
Dropped connections
Total connections
Open sockets
Max FD
Bytes sent
Bytes received
Packets sent
Packets received
DNS queries
Search apps
No apps
DNS server
Apps
PCAP file
Create a PCAP file in device storage
Cannot write file
Share
Delete
OK
Traffic saved to the \"%1$s\" file (%2$s)
Could not delete the file
Capture running
%1$s captured, %2$s connections
%1$s, %2$d
Active
First seen
Last seen
Closed
Copy to clipboard
Save to file
%1$d older connections not shown
PCAPdroid is an open source network capture and monitoring tool which works without root privileges
Get it:
Unknown
Phone
IPv6
Allow IPv6 connections to the Internet. Only use this on networks with an IPv6 gateway
Error
Unreachable
Other
App language
English
System
No app found to handle file selection
File saved as \"%1$s\"
Light
Dark
Theme
SOCKS5
Redirect all the TCP connections to the specified SOCKS5 proxy
SOCKS5 proxy: %1$s:%2$d
Proxy IP address
Proxy port
Capture as root
Allows PCAPdroid to run with other VPN apps
Donate
Root log
Search…
App: %1$s
IP address: %1$s
Host: %1$s
Protocol: %1$s
Whitelist…
Hide…
%1$d selected
Select all
App details
Package name
UID
Name
Version
Target SDK
Installed on
Last update
Permissions
System daemons running with maximum privileges
The system daemon performing the DNS resolutions
The Android system
Telephony services
\"Unknown\" marks connections whose app could not be determined
Packets dropped
Capture
PCAPdroid trailer
A trailer containing additional metadata (such as the app name) will be added to the dumped packets
How to display the trailer data in Wireshark
Please complete your transaction to redeem this feature
An app wants to capture your device traffic.\nDeny it if you are not sure
Deny
Allow
PCAPdroid control request
PCAPdroid: the control request was denied
PCAPdroid: the control request was allowed
Capture interface
Internet
All interfaces
Capturing packets from \"%1$s\"
Edit filter
Edit list
Hidden connections rules
The list is empty
Malicious connection detected (%1$s)
Malicious connections
Security
Malware detection
Detect connections to known malicious hosts via third-party blacklists
Reset
Malware whitelist rules
This feature is currently unavailable for your device
The connection to Google Play is in progress, please retry in a while
User-defined whitelist to inhibit malware detection. Long-press malicious connections to create rules unmarking them as malware
List of rules to hide connection-list entries so you can focus on relevant ones
Malicious
Status: %1$s
Not hidden
Copy…
"URL: %1$s"
Show me
Hint
Once
Forever
Control permissions
Check which apps are allowed to control the PCAPdroid capture
%1$s: %2$s
Country
ASN
Country: %1$s
Send report
Start at boot
Auto-starts capture after boot
No malicious traffic detected
Malicious connections detected
Whitelist
Blacklists
Outdated
Not loaded
Up-to-date
"Type: %1$s"
IP blacklist
Domain blacklist
%1$s rules
Last update: %1$s
Malicious connections
Updated blacklists
Connections checked
Last update
Domain rules
IP rules
Some blacklists are outdated
Update now
Updating…
Learn more about the malware detection feature
Private DNS prevents PCAPdroid from inspecting the DNS traffic. You can turn it off from the Android network settings
Private DNS hinders detection
Select a target app when decrypting TLS to avoid losing your connection to the Internet
Block…
Unblock…
Firewall
Firewall rules
Blocked
%1$s pkts
Blocked connections
blocked
Paid features
Unlock code
Validate
Valid
Invalid
No app found to perform this action
Interface
Interface: %1$s
Loading…
Purchased
No items available for purchase
Could not connect to Google Play. Please retry in a while
Learn more
Buy
The capture is not running
Start the capture first
Copied
You can now use the purchased feature
Disconnect the active VPN app and continue?
Loading apps…
Open drawer
Close drawer
Capture the traffic of all the apps
Saved
TLS decryption
Decrypt the SSL/TLS traffic by performing mitm. This may now work with some apps, check out the user guide
TLS decryption is starting…
TLS decryption is running
Traffic inspection
Could not start the mitm service. Reinstall the mitm addon and retry
Mitm setup wizard
Install
Export
Install the PCAPdroid mitm addon.\n\nNOTE: The addon depends on closed source software
Configure
Give PCAPdroid the permission to control the mitm addon
Export the PCAPdroid CA certificate, then open the Android \"Encryption & Credentials\" settings and choose install it as a \"CA certificate\"
Install the PCAPdroid CA certificate, choosing \"VPN and apps\". Android will ask for your lockscreen or password
Checking the certificate…
An error occurred while exporting the CA certificate\n\nIf your device implements Autostart or similar software to limit background services execution, be sure to whitelist PCAPdroid
Certificate exported, now install it from the Android settings
The CA certificate is installed
The CA certificate is not installed, run the mitm setup wizard
Bad PCAPdroid mitm addon version. Uninstall it and retry
The PCAPdroid plugin must be upgraded
Upgrade
Export failed
Not encrypted
Request
Response
Overview
HTTP request
HTTP response
Payload is truncated. Enable \"%1$s\" to show it in full
WebSocket
HTTP
Payload
TX
RX
Full payload
Show the full connections payload (e.g. the full HTTP request and response). This requires a lot of memory, don\'t use in the long run
Not decryptable
Decrypted
Decryption
Decryption: %1$s
PCAPdroid has not seen the start of this connection. Some information may be missing
Traffic
No application data has been exchanged
Waiting data
Display as…
Printable text
Hexdump
Geolocation
Show country and ASN info by performing offline lookups
Downloading…
Download in progress, please wait
Download failed
Database not found. Geolocation is disabled
Database
Built on: %1$s
Tap to download the latest database. New databases are available monthly
Size: %1$s
Tap to delete the database and save space
Download
This connection has been blocked by PCAPdroid
Import
Import failed
Invalid backup format
Imported %1$d rules
No rules to export
Keep the existing rules?
Keep
Discard
Delete the selected rules?
Blocklist
Configured rules
Connections blocked
Last block
Firewall is disabled
Firewall is enabled
App info
Block
Unblock
This connection was initiated by netd so it could not be blocked
Block internet access to apps, configure rules for specific domains and IP addresses. Only works with the non-root capture
No-root firewall
Block QUIC
Block QUIC connections to possibly fall back to decryptable TLS. Some apps may stop working
Block private DNS
Detect and possibly block private DNS to inspect DNS traffic. Disabling this can hinder detection
This wizard will guide you through the installation of the PCAPdroid mitm addon and certification authority, which are needed to perform the TLS decryption
PCAPdroid is now ready to decrypt the TLS traffic\n\nCheck out the user guide to know more about the security measures which may prevent decryption and how to bypass them
Welcome to PCAPdroid
Next
Skip
Back
Done
PCAPdroid is a privacy-friendly app which lets you track and analyze the connections made by the apps in your device\n\nMoreover, it allows you to export a PCAP dump of the traffic, extract metadata and much more!
Privacy first
The app does not employ any tracking, analytics or calling home anti-features\n\nHow can you be sure? Check out its privacy policy and its source code
Country and ASN
PCAPdroid can query a local database to determine the country of a remote server\n\nYou must first download the database from the PCAPdroid settings
PCAPdroid simulates a VPN in order to capture the network traffic without root.\n\nTo start the capture, you need to accept the VPN request in the next screen
Inspecting HTTP requests, responses and raw data is easy, thanks to the built-in decoders\n\nGot an encrypted connection? You can enable the TLS decryption to get the decrypted data
With the integrated Firewall you can easily block Internet access to individual apps and domains\n\nCombine this with the built-in traffic visibility to get the ultimate tool to protect your privacy
Enhance the security of your device with the Malware detection feature\n\nBy using up-to-date blacklists, it can detect, block and alert malicious connections in real-time
PCAPdroid provides multiple ways to dump the traffic in the standard PCAP format for further analysis\n\nVia the trailer option, you can add app names to the packets and display them in Wireshark