IceSniff
Download

Native macOS Packet Analysis

Inspect traffic without leaving the flow.

IceSniff puts live capture, packet drill-down, analysis sections, and a packet-aware AI rail into one fast native workspace.

Built with
SwiftUI + Rust + TShark
License
MIT
MacBook showing the IceSniff packet browser
IceSniff full-screen desktop screenshot shown inside a MacBook

Workflow

A tighter lane for packet work.

Capture live

Select an interface, start sniffing, and see packets land as the session unfolds.

Inspect deeply

Move from summaries to decoded fields, layer detail, and packet-aware context actions.

Ask in context

Open the right-side AI rail and reason over the selected packet without breaking focus.

Surface

The app revolves around six fast moves.

Open PCAP

Load existing captures directly into the native shell.

Live Sniff

Start and stop capture from the same operational center.

Filter Fast

Use comfort-first filters likehttp or 443.

Inspect Fields

Drill into decoded packet structure and byte-aware metadata.

Trace Streams

Jump across conversations, streams, and transactions quickly.

Save Output

Export the full capture or only the packets that match your filter.

Coverage

Shared engine depth, kept inside one calm shell.

Core Transport

Ethernet, ARP, IPv4, TCP, UDP, and ICMP.

App Protocols

DNS, HTTP/1.1, and TLS handshake metadata.

Surfaces

Native macOS app, CLI, and a local web companion.

Backend

Shared Rust analysis engine with bundled capture helpers.