PCAPdroid - network monitor

In-app purchases
4.4
924 reviews
100K+
Downloads
Content rating
Rated for 3+
Screenshot image
Screenshot image
Screenshot image
Screenshot image
Screenshot image
Screenshot image

About this app

PCAPdroid is a privacy-friendly open source app which lets you track, analyze and block the connections made by the other apps in your device. It also allows you to export a PCAP dump of the traffic, extract metadata and much more!

PCAPdroid simulates a VPN in order to capture the network traffic without root. It does not use a remote VPN server. All the data is processed locally on the device.

Features:

- Log and examine the connections made by user and system apps
- Extract the SNI, DNS query, HTTP URL and the remote IP address
- Inspect HTTP requests and replies thanks to the built-in decoders
- Inspect the full connections payload as hexdump/text
- Decrypt the HTTPS/TLS traffic and export the SSLKEYLOGFILE
- Dump the traffic to a PCAP file, download it from a browser, or stream it to a remote receiver for real time analysis (e.g. wireshark)
- Create rules to filter out the good traffic and easily spot anomalies
- Identify the country and ASN of remote server via offline db lookups
- On rooted devices, capture the traffic while other VPN apps are running

Paid features:

- Firewall: create rules to block individual apps, domains and IP addresses
- Malware detection: detect malicious connections by using third-party blacklists

If you plan to use PCAPdroid to perform packet analysis, please check out the specific section of the manual.

Join the PCAPdroid community on telegram to discuss and receive updates on the latest features.
Updated on
Feb 8, 2024

Data safety

Safety starts with understanding how developers collect and share your data. Data privacy and security practices may vary based on your use, region, and age. The developer provided this information and may update it over time.
No data shared with third parties
Learn more about how developers declare sharing
No data collected
Learn more about how developers declare collection

Ratings and reviews

4.4
885 reviews
K Green
March 24, 2024
Doesn't work. It's giving false results plus I paid for extra features to even just capture the data. Again, doesn't work. Don't waste your time. It's logging an app's activity I've never had and my friend who does left awhile ago. But that's all it's logging and you can't save the data. I paid for the feature to do so and it didn't work. I believe this is a scam app and gave it all kinds of access so I'll probably be robbed soon. F y'all fr.
Did you find this helpful?
Emanuele Faranda
March 25, 2024
Hello, some apps in android devices are pre-installed by the vendor, so this may explain why you see unexpected apps. I suggest to start from https://emanuele-f.github.io/PCAPdroid to learn the basics. You can record the traffic to a PCAP file and then open it afterwards, which is a free feature btw. The app is an open source project, stay assured
Anesh TKL
December 13, 2023
Hi, I'm not sure if this is the right app, but can this app extract the url link of the page that I'm currently on in an app? I've tried it but there are multiple connections shown and I still can't find that one specific link. If not, do you have recommendations on which app that can perform the said request? Thanks.
11 people found this review helpful
Did you find this helpful?
Emanuele Faranda
December 15, 2023
Hello, you need to decrypt the traffic, check out https://emanuele-f.github.io/PCAPdroid/tls_decryption for more details
Aoi Green
February 16, 2024
(I am ROOTED) I installed your app via F Droid but even after installing the SSL certificate I can't decrypt SSL traffic between an Android app and the internet I get SSL errors and all kinds of weird stuff from the apps I'm trying to intercept. Do Android apps have some sort of pinned certificate within the code or something? All I want to do is intercept URLs and https API calls from Android apps.
7 people found this review helpful
Did you find this helpful?
Emanuele Faranda
January 29, 2024
Without root you will be mostly limited to decrypting browser apps. Please check out https://emanuele-f.github.io/PCAPdroid/tls_decryption for more details

What's new

- Select multiple target apps
- Copy/export the connections payload
- Android 14 support
- mitmproxy 10.1.6 and Doze fix
- Ability to block QUIC only on decryption
- Fix inaccurate firewall grace period
- Integrations to run with Tor and DNSCrypt