What is rpcap

Remote network packet capturing tool which automates the generation of PCAP files from one or more remote machines.

rpcap automates things like logging on the remote machine, executing a packet capturer (tcpdump), transferring the PCAP file to the local machine and executing a graphical tool (wireshark), which displays the traffic in real time.

The tool runs on Linux and doesn't require the installation of any specific software (besides the packet capturer itself) on the target. In theory there are no restrictions about the target machine as long as it has got SSH server and tcpdump installed.


The documentation is hosted on ReadTheDocs here


There are packages for Debian and RedHat based distros on GitHub releases page of the project here


The project is licensed under Mozilla Public License 2.0 (MPL 2.0).

Source code

The source code is published on GitHub here.