libpcap
E484050
libpcap is a widely used packet capture library and file format for recording and analyzing network traffic across various tools and platforms.
All labels observed (1)
| Label | Occurrences |
|---|---|
| libpcap canonical | 2 |
How this entity was disambiguated
This entity first appeared as the object of triple T4980096 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
NED1
Entity disambiguation (via context triple)
gpt-5-mini-2025-08-07
Target entity: libpcap Context triple: [Wireshark, fileFormat, libpcap]
-
A.
Wireshark
Wireshark is a widely used open-source network protocol analyzer that captures and interactively inspects traffic on computer networks for troubleshooting, analysis, and security auditing.
-
B.
Ettercap
Ettercap is a network security tool used for sniffing, intercepting, and manipulating traffic on local area networks, commonly employed for man-in-the-middle attacks and protocol analysis.
-
C.
Netcat
Netcat is a versatile command-line networking utility used for reading from and writing to network connections, often referred to as the "Swiss Army knife" of TCP/IP.
-
D.
airserv-ng (remote capture daemon)
airserv-ng is a network daemon in the Aircrack-ng suite that enables remote wireless packet capture by exposing a wireless interface over TCP for use by other tools.
-
E.
NetFlow
NetFlow is a network protocol developed by Cisco for collecting and analyzing IP traffic flow data to support monitoring, accounting, and security.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
NED2
Entity disambiguation (via description)
gpt-5-mini-2025-08-07
Target entity: libpcap Target entity description: libpcap is a widely used packet capture library and file format for recording and analyzing network traffic across various tools and platforms.
-
A.
Wireshark
Wireshark is a widely used open-source network protocol analyzer that captures and interactively inspects traffic on computer networks for troubleshooting, analysis, and security auditing.
-
B.
Ettercap
Ettercap is a network security tool used for sniffing, intercepting, and manipulating traffic on local area networks, commonly employed for man-in-the-middle attacks and protocol analysis.
-
C.
Netcat
Netcat is a versatile command-line networking utility used for reading from and writing to network connections, often referred to as the "Swiss Army knife" of TCP/IP.
-
D.
airserv-ng (remote capture daemon)
airserv-ng is a network daemon in the Aircrack-ng suite that enables remote wireless packet capture by exposing a wireless interface over TCP for use by other tools.
-
E.
NetFlow
NetFlow is a network protocol developed by Cisco for collecting and analyzing IP traffic flow data to support monitoring, accounting, and security.
- F. None of above. chosen
Statements (49)
| Predicate | Object |
|---|---|
| instanceOf |
file format
ⓘ
packet capture library ⓘ software library ⓘ |
| category |
network protocol analyzer component
ⓘ
networking software ⓘ |
| distribution | commonly included in Unix-like OS distributions ⓘ |
| fileFormatExtension | .pcap ⓘ |
| fileFormatType | binary capture file ⓘ |
| hasSuccessorFormat | pcapng NERFINISHED ⓘ |
| inspired |
Npcap
NERFINISHED
ⓘ
WinPcap NERFINISHED ⓘ |
| license | BSD-style license NERFINISHED ⓘ |
| maintainedBy | tcpdump.org project ⓘ |
| operatingSystem |
BSD
NERFINISHED
ⓘ
Linux ⓘ Unix-like systems ⓘ macOS ⓘ |
| programmingLanguage | C ⓘ |
| providesAPI |
pcap_compile
ⓘ
pcap_datalink ⓘ pcap_dump ⓘ pcap_loop ⓘ pcap_next_ex ⓘ pcap_open_live ⓘ pcap_open_offline NERFINISHED ⓘ pcap_setfilter ⓘ |
| supportsFeature |
BPF filtering
ⓘ
link-layer header parsing ⓘ live packet capture ⓘ offline packet analysis ⓘ timestamping of packets ⓘ |
| supportsLinkLayer |
Ethernet
NERFINISHED
ⓘ
IEEE 802.11 NERFINISHED ⓘ Linux cooked capture ⓘ Loopback ⓘ PPP NERFINISHED ⓘ VLAN ⓘ |
| usedBy |
Bro
NERFINISHED
ⓘ
Snort NERFINISHED ⓘ Suricata NERFINISHED ⓘ Tshark NERFINISHED ⓘ Wireshark NERFINISHED ⓘ Zeek NERFINISHED ⓘ tcpdump NERFINISHED ⓘ |
| usedFor |
intrusion detection
ⓘ
network forensics ⓘ network traffic analysis ⓘ network troubleshooting ⓘ protocol development ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
Instruction
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Input
Subject: libpcap Description of subject: libpcap is a widely used packet capture library and file format for recording and analyzing network traffic across various tools and platforms.
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.