Packet Log
A professional packet log built for analyst navigation — filter, inspect, and classify without losing the raw frame.
- Filtering & protocol categorization
- Packet details & packet bytes
- Right-click context actions
- Follow-stream navigation
PacketSense brings import, inspection, prioritization, investigation, and reporting into a single local-first workflow — so evidence moves forward without losing packet-level traceability.
Five stages, one continuous model — each step keeps the underlying packets inspectable.
Bring in packets from wherever the evidence lives.
Every source becomes one inspectable packet model.
See what deserves attention first.
Move from a signal to a conclusion you can defend.
Turn evidence into something you can hand off.
A professional packet log with protocol categorization, packet details, packet bytes, right-click context actions, and follow-stream navigation built for analyst speed.
Packet details · frame 218
▸ Frame 218: 583 bytes on wire (4664 bits)
▸ Internet Protocol Version 4, Src: 198.51.100.24, Dst: 192.0.2.44
▸ Transport Layer Security
Packet bytes
client → server
GET /collect?id=8831 HTTP/1.1server → client
HTTP/1.1 200 OKPacketSense rebuilds HTTP/TCP/UDP-style conversations where the capture supports it, and explains gracefully when a stream can't be reconstructed. It shows what the evidence supports and stops there.
This capture shows a workstation resolving and briefly contacting an unknown host. Two signals are worth reviewing:
5 SYN attempts, no completed TCP handshake — a RST arrives from an unexpected source port. Consistent with a blocked or dead service.
→ frames 221, 222
A non-cached DNS query for a suspicious name returned NXDOMAIN. No follow-on connection was observed in this capture.
→ frames 223, 224
Suggested next steps
The Local Analyst Assistant summarizes capture evidence, surfaces investigation patterns, suggests next steps, and links every conclusion back to specific frames — so analysts can validate, not just trust.
Each capability preserves packet-level traceability, so findings stay defensible from first triage to final report.
A professional packet log built for analyst navigation — filter, inspect, and classify without losing the raw frame.
Reconstruct HTTP/TCP/UDP-style conversations where the capture supports it — and explain gracefully when a stream can't be rebuilt.
Turn text-based evidence into analyzable capture data — FortiGate-style logs, hex dumps, and text packet data.
A local assistant that summarizes capture evidence, suggests next steps, and creates actionable drilldowns — always linked back to packets.
Surface what's worth a closer look — anomaly summaries, local rules, and threat-intelligence enrichment where configured.
Understand the security posture of a capture with TLS visibility, handshake context, and clear warning surfaces.
See who's talking to whom — top talkers, geolocation-style summaries where the data exists, and topology-style context.
Share investigation findings without losing packet-level traceability — reports plus CSV/PCAP slices.
Governance for teams that handle sensitive evidence — seats, admin-only controls, policy, and cloud-AI governance.
Request pilot access and evaluate the full local workflow — PCAP and text import, live capture, the Local Analyst Assistant, threat hunting, and reports.