PCAP diffing

[ POST ] https://api.malcore.io/api/pcapdiff

PCAP diffing is a way to perform a diff on two PCAP files. The output will display the packet differences between two files and is a good way to determine exploits in network analysis.

Packet capture differentiating allows the user to parse PCAP binary files and provide the difference between two the two

Query Params

filename1 file
filename2 file

Headers

apiKey string

Request

curl -X POST https://api.malcore.io/api/pcapdiff \
  -F "filename1=@mypcap.pcap" \
  -F "filename2=@mysecondpcap.pcap" \
  -H "apiKey: myapikey"

Response

🟢 200

{
  "results": {
    "packets": [
      "...",
      "..."
    ],
    "diff_amount": 2
  }
}

🔴404

{
  "error": "One or more of the files passed is an invalid type, must be PCAP binary file"
}

PreviousDeep Static Analysis NextGather sections

Last updated 8 months ago