TraceWrangler - Packet Capture Toolkit

Introduction

TraceWrangler is a network capture file toolkit running on Windows (or on Linux, using WINE) that supports PCAP as well as the new PCAPng file format, which is now the standard file format used by Wireshark. The most prominent use case for TraceWrangler is the easy sanitization and anonymization of PCAP and PCAPng files (sometimes called "trace files", "capture files" or "packet captures"), removing or replacing sensitive data while being easy to use.

Features

Screenshot

Download

Created: January 12, 2025

32bit version: TraceWrangler Beta 0.6.9 build 984
MD5 (32bit zip): BC981B5125D79CD000CCF3D77C24C356

64bit version: TraceWrangler Beta 0.6.9 build 984
MD5 (64bit zip): 4F86398869B87C17474A87500C1741F9

Source Code: TraceWranglerSrc_0.6.8.zip (outdated)


My GPG public key can be found here

Documentation

Documentation is available online, as well as a Windows help file inside the download container. There also is a PDF File.

Presentations

You can also take a look at my presentation I did about anonymizing network packet trace files at Sharkfest 2013.

Changelog and Updates

There is a ChangeLog available, listing all the changes for published versions (outdated, too. Sorry.). Updated versions will also be announced via BlueSky (@packetjay).

Feedback and Known Issues

Sent feedback about bugs, feature requests and other topics to "jasper [ät] packet-foo.com". My PGP key is found here.

If you sent bug reports, please include

TraceWrangler has some limitations at the moment (which may most likely last a little longer than just "a moment"):

Thanks, and have fun,
Jasper