PCAPdroid is a privacy-friendly open source app which lets you track, analyze, and block the connections made by other apps on your device. It also allows exporting a PCAP dump of the traffic, extracting metadata, and much more.
PCAPdroid simulates a VPN in order to capture network traffic without root. It does not use a remote VPN server; all data is processed locally on the device.
Features
- Log and examine the connections made by user and system apps
- Extract the SNI, DNS query, HTTP URL, and the remote IP address
- Inspect HTTP requests and replies thanks to the built-in decoders
- Inspect the full connection payload as hexdump or text and export it
- Decrypt HTTPS/TLS traffic and export the SSLKEYLOGFILE
- Dump traffic to a PCAP file, download it from a browser, or stream it to a remote receiver for real-time analysis (e.g. Wireshark)
- Create rules to filter traffic and easily spot anomalies
- Identify the country and ASN of remote servers via offline database lookups
- On rooted devices, capture traffic while other VPN apps are running
Paid Features
- Firewall: create rules to block individual apps, domains, and IP addresses
- Malware detection: detect malicious connections using third-party blacklists
If PCAPdroid is used for packet analysis, the relevant section of the manual provides additional guidance.
View on Google Play StoreFree or paid:
- Free with in-app purchase
Accessibility and User Comments:
During a quick test of the app, I did not notice any accessibility issues worth mentioning. The app appears to be accessible, with content properly exposed to screen readers and sections and settings clearly labeled. Screen reader actions are not supported.
I only tested the free version, but it is possible to purchase any of the available paid packages, which are one-time purchases that unlock additional features.
Last Tested App version and Android version:
App version: 1.8.8, Android 16
Comments