software

Show HN: Babyshark – Wireshark made easy (terminal UI for PCAPs)

Published: (February 23, 2026 at 03:45 PM EST)
1 min read
Source: Hacker News

Source: Hacker News

Overview

Babyshark is a terminal UI for PCAPs aimed at people who find Wireshark powerful but overwhelming. The goal is “PCAPs for humans”:

  • Overview dashboard – answers what’s happening and suggests what to click next.
  • Domains view – hostnames first; select a domain to jump straight to relevant flows (works even when DNS is encrypted or cached by using observed IPs from flows).
  • Weird stuff view – surfaces common failure/latency signals such as retransmits, out‑of‑order hints, resets, handshake issues, and DNS failures when visible.

From there you can drill down:

Flows → Packets → Explain (plain‑English hints) / follow stream.

Commands

# Offline analysis
babyshark --pcap capture.pcap

# Live capture (requires tshark)
babyshark --list-ifaces
babyshark --live en0

Repository & Release

  • Repository and v0.1.0 release:

Feedback

The author would love feedback on UX and suggestions for additional “weird detectors.”

Comments URL: (Points: 12)

0 views
#PCAP #Wireshark #terminal UI #network analysis #babyshark #tshark #open source #network monitoring
View source
Share:
Back to Blog

Related posts

Read more »

Created a Mouse Mover for Mac

Repository: https://github.com/zhangyaoxing/toolkithttps://github.com/zhangyaoxing/toolkit Overview Moving the mouse cursor or windows across multiple monitors...

Show HN: I ported Tree-sitter to Go

This started as a hard requirement for my TUI‑based editor application, but it ended up going in a few different directions. - A suite of tools that help with s...