packetsnitch 1.5.599

package/src/ui/panels/stats-panel.js

@@ -0,0 +1,351 @@
+function normalizeStatsTextValue(value, options = {}) {
+  if (value === null || value === undefined) return null;
+
+  const { stripNonPrintable = false } = options;
+  let normalized = typeof value === "string" ? value : String(value);
+
+  if (stripNonPrintable) {
+    normalized = normalized.replace(/[\x00-\x1F\x7F]/g, "");
+  }
+
+  normalized = normalized.trim();
+  return normalized ? normalized : null;
+}
+
+function normalizeStatsPortValue(value) {
+  if (value === null || value === undefined) return null;
+  if (typeof value === "number") return Number.isFinite(value) ? value : null;
+  const normalizedText = normalizeStatsTextValue(value);
+  if (!normalizedText || !/^\d+$/.test(normalizedText)) return null;
+  return Number(normalizedText);
+}
+
+function buildCaptureStats(capturedPackets) {
+  const protocols = new Set();
+  const transportProtocols = new Set();
+  const hosts = new Set();
+  const ports = new Set();
+  const macVendors = new Set();
+  const mimeTypes = new Set();
+  const locations = new Map();
+  const hostnames = new Set();
+  const dataTypes = new Set();
+  let encryptedCount = 0;
+  let unencryptedCount = 0;
+  let totalPackets = 0;
+
+  if (!capturedPackets || !capturedPackets["Host"]) return null;
+
+  for (const host of Object.keys(capturedPackets["Host"])) {
+    const normalizedHostKey = normalizeStatsTextValue(host);
+    if (normalizedHostKey) hosts.add(normalizedHostKey);
+    const packets = capturedPackets["Host"][host];
+    if (!Array.isArray(packets)) continue;
+
+    for (const pkt of packets) {
+      totalPackets++;
+      const pi = pkt?.["Packet Info"];
+      const ei = pkt?.["Extra Info"];
+      if (!pi || !ei) continue;
+
+      const tp = normalizeStatsTextValue(pi["Protocol"]);
+      if (tp) transportProtocols.add(tp);
+
+      const srcIp = normalizeStatsTextValue(pi?.["IP"]?.["Source IP"]);
+      const dstIp = normalizeStatsTextValue(pi?.["IP"]?.["Destination IP"]);
+      if (srcIp) hosts.add(srcIp);
+      if (dstIp) hosts.add(dstIp);
+
+      const ef = pi?.["Ethernet Frame"];
+      if (ef) {
+        const srcVendor = normalizeStatsTextValue(ef["MAC Source Vendor"]);
+        const dstVendor = normalizeStatsTextValue(ef["MAC Destination Vendor"]);
+        if (srcVendor) macVendors.add(srcVendor);
+        if (dstVendor) macVendors.add(dstVendor);
+      }
+
+      const netData = ei?.["Traits"]?.["Network Data"];
+      if (netData) {
+        const protoName = normalizeStatsTextValue(
+          netData["Port Protocol"] ?? netData["Port Protcol"],
+        );
+        if (protoName && protoName !== "Unknown") protocols.add(protoName);
+
+        const tpData = tp ? pi[tp] : null;
+        if (tpData) {
+          const srcPort = normalizeStatsPortValue(tpData["Source port"]);
+          const dstPort = normalizeStatsPortValue(tpData["Destination port"]);
+          if (srcPort !== null) ports.add(srcPort);
+          if (dstPort !== null) ports.add(dstPort);
+        }
+
+        const hn = netData?.["Hostnames"]?.["Hostnames"];
+        if (Array.isArray(hn)) {
+          hn.forEach((h) => {
+            const normalizedHostname = normalizeStatsTextValue(h);
+            if (normalizedHostname) hostnames.add(normalizedHostname);
+          });
+        }
+
+        for (const side of ["Source IP", "Destination IP"]) {
+          const loc = netData?.[side]?.["Location"];
+          const city = normalizeStatsTextValue(loc?.["City"]);
+          const country = normalizeStatsTextValue(loc?.["Country"]);
+          if (city && country) {
+            const key = `${city}, ${country}`;
+            locations.set(key, (locations.get(key) || 0) + 1);
+          }
+        }
+      }
+
+      const mimeType = normalizeStatsTextValue(ei?.["MIME Type"]);
+      if (mimeType) mimeTypes.add(mimeType);
+
+      const dt = ei?.["Data Types"];
+      if (Array.isArray(dt)) {
+        dt.forEach((d) => {
+          const normalizedDataType = normalizeStatsTextValue(d, {
+            stripNonPrintable: true,
+          });
+          if (normalizedDataType) dataTypes.add(normalizedDataType);
+        });
+      }
+
+      const encData = ei?.["Traits"]?.["Server Info"]?.["Encryption Data"];
+      if (!encData || encData === "N/A") {
+        unencryptedCount++;
+      } else {
+        encryptedCount++;
+      }
+    }
+  }
+
+  return {
+    protocols: [...protocols].sort(),
+    transportProtocols: [...transportProtocols].sort(),
+    hosts: [...hosts].sort(),
+    ports: [...ports].sort((a, b) => a - b),
+    macVendors: [...macVendors].filter((v) => v !== "N/A").sort(),
+    mimeTypes: [...mimeTypes].sort(),
+    locations: [...locations.entries()].sort((a, b) => b[1] - a[1]),
+    hostnames: [...hostnames].sort(),
+    dataTypes: [...dataTypes].sort(),
+    encryptedCount,
+    unencryptedCount,
+    totalPackets,
+  };
+}
+
+function makeStatsSection({ documentRef, title, items, queryBuilder, onQuery }) {
+  if (!items || items.length === 0) return null;
+  const normalizedItems = Array.from(
+    new Set(
+      items.filter((item) => {
+        if (item === null || item === undefined) return false;
+        if (typeof item !== "string") return true;
+        return normalizeStatsTextValue(item) !== null;
+      }),
+    ),
+  );
+  if (normalizedItems.length === 0) return null;
+
+  const section = documentRef.createElement("div");
+  section.className = "stats-section";
+
+  const heading = documentRef.createElement("div");
+  heading.className = "stats-section-title";
+  heading.textContent = title;
+  section.appendChild(heading);
+
+  const tagList = documentRef.createElement("div");
+  tagList.className = "stats-tag-list";
+
+  normalizedItems.forEach((item) => {
+    const tag = documentRef.createElement("span");
+    tag.className = "stats-tag";
+    tag.textContent = item;
+    tag.title = "Click to filter packets by this value";
+    if (queryBuilder) {
+      tag.addEventListener("click", () => {
+        const query = queryBuilder(item);
+        if (query && typeof onQuery === "function") {
+          onQuery(query);
+        }
+      });
+    }
+    tagList.appendChild(tag);
+  });
+
+  section.appendChild(tagList);
+  return section;
+}
+
+function createStatsPanel(options) {
+  const {
+    documentRef,
+    statusUpdate,
+    writeLogEntry,
+    setActiveMainTab,
+    mainTabStats,
+    getJsonCapture,
+    getCapturedPackets,
+    filterInputEl,
+    syncFilterHighlight,
+    runFilterQuery,
+    getFilteredPackets,
+    setPacketsForHost,
+  } = options;
+
+  function applyStatsQuery(query) {
+    filterInputEl.value = query;
+    syncFilterHighlight();
+    writeLogEntry(`Stats tag clicked query="${query}"`);
+    runFilterQuery(query);
+    const filteredPackets = getFilteredPackets();
+    if (Array.isArray(filteredPackets) && filteredPackets.length > 0) {
+      setPacketsForHost(filteredPackets);
+    }
+  }
+
+  function showStats() {
+    setActiveMainTab(mainTabStats);
+    if (getJsonCapture() === "") {
+      statusUpdate("Status: No JSON file loaded, please upload a file first");
+      return;
+    }
+    statusUpdate("Status: Displaying capture statistics");
+    writeLogEntry("User opened capture stats view");
+
+    documentRef.getElementById("packetInfoPane").style.display = "none";
+    documentRef.getElementById("packetPayloadPane").style.display = "none";
+    documentRef.getElementById("prev-btn").style.display = "none";
+    documentRef.getElementById("next-btn").style.display = "none";
+    documentRef.getElementById("summary_box").style.display = "none";
+    documentRef.getElementById("list_box").style.display = "none";
+    documentRef.getElementById("notes_box").style.display = "none";
+    documentRef.getElementById("data_tools_box").style.display = "none";
+    documentRef.getElementById("crypt_box").style.display = "none";
+    documentRef.getElementById("keystore_box").style.display = "none";
+    documentRef.getElementById("stats_box").style.display = "block";
+    documentRef.getElementById("rightside").style.display = "none";
+
+    const content = documentRef.getElementById("stats_content");
+    content.replaceChildren();
+
+    const stats = buildCaptureStats(getCapturedPackets());
+    if (!stats) {
+      content.textContent = "No packet data available.";
+      return;
+    }
+
+    const overview = documentRef.createElement("div");
+    overview.className = "stats-section";
+    const ovHead = documentRef.createElement("div");
+    ovHead.className = "stats-section-title";
+    ovHead.textContent = "Capture Overview";
+    overview.appendChild(ovHead);
+    [
+      `Total Packets: ${stats.totalPackets}`,
+      `Unique Hosts Targeted: ${stats.hosts.length}`,
+      `Encrypted Packets: ${stats.encryptedCount}`,
+      `Unencrypted Packets: ${stats.unencryptedCount}`,
+      `Unique Protocols: ${stats.protocols.length}`,
+      `Unique Locations: ${stats.locations.length}`,
+    ].forEach((line) => {
+      const kv = documentRef.createElement("div");
+      kv.className = "stats-kv";
+      kv.textContent = line;
+      overview.appendChild(kv);
+    });
+    content.appendChild(overview);
+
+    const protoSec = makeStatsSection({
+      documentRef,
+      title: "Application Protocols",
+      items: stats.protocols,
+      queryBuilder: (v) => `tcp.proto: ${v.toLowerCase()}`,
+      onQuery: applyStatsQuery,
+    });
+    if (protoSec) content.appendChild(protoSec);
+
+    const tpSec = makeStatsSection({
+      documentRef,
+      title: "Transport Protocols",
+      items: stats.transportProtocols,
+      queryBuilder: (v) => `wire.proto: ${v.toLowerCase()}`,
+      onQuery: applyStatsQuery,
+    });
+    if (tpSec) content.appendChild(tpSec);
+
+    const hostSec = makeStatsSection({
+      documentRef,
+      title: "All Hosts Addressed",
+      items: stats.hosts,
+      queryBuilder: (v) => `ip.src.addr: ${v} || ip.dst.addr: ${v}`,
+      onQuery: applyStatsQuery,
+    });
+    if (hostSec) content.appendChild(hostSec);
+
+    const hnSec = makeStatsSection({
+      documentRef,
+      title: "Hostnames (DNS)",
+      items: stats.hostnames,
+      queryBuilder: (v) => `dns.qname: ${v}`,
+      onQuery: applyStatsQuery,
+    });
+    if (hnSec) content.appendChild(hnSec);
+
+    if (stats.locations.length > 0) {
+      const locItems = stats.locations.map(([place, count]) => `${place} (${count})`);
+      const locSec = makeStatsSection({
+        documentRef,
+        title: "Physical Locations",
+        items: locItems,
+      });
+      if (locSec) content.appendChild(locSec);
+    }
+
+    const portSec = makeStatsSection({
+      documentRef,
+      title: "Ports Seen",
+      items: stats.ports.map(String),
+      queryBuilder: (v) => `tcp.src.port: ${v} || tcp.dst.port: ${v}`,
+      onQuery: applyStatsQuery,
+    });
+    if (portSec) content.appendChild(portSec);
+
+    const macSec = makeStatsSection({
+      documentRef,
+      title: "MAC Vendors",
+      items: stats.macVendors,
+      queryBuilder: (v) => `eth.src.vendor: ${v}`,
+      onQuery: applyStatsQuery,
+    });
+    if (macSec) content.appendChild(macSec);
+
+    const mimeSec = makeStatsSection({
+      documentRef,
+      title: "MIME Types",
+      items: stats.mimeTypes,
+      queryBuilder: (v) => `mime.type: ${v}`,
+      onQuery: applyStatsQuery,
+    });
+    if (mimeSec) content.appendChild(mimeSec);
+
+    const dtSec = makeStatsSection({
+      documentRef,
+      title: "Data Types",
+      items: stats.dataTypes,
+    });
+    if (dtSec) content.appendChild(dtSec);
+  }
+
+  return {
+    showStats,
+  };
+}
+
+module.exports = {
+  id: "stats",
+  createStatsPanel,
+};

package/src/ui/panels/summary-panel.js

@@ -0,0 +1,63 @@
+const SUMMARY_LOADING_MARKUP =
+  '<span id="loaderdots" class="loading" role="status" aria-live="polite">Loading</span>';
+
+function createSummaryPanel({
+  documentRef,
+  getJsonCapture,
+  getFinalSummary,
+  setActiveMainTab,
+  mainTabSummary,
+  statusUpdate,
+  fileLoaded,
+}) {
+  function showSummary() {
+    setActiveMainTab(mainTabSummary);
+    statusUpdate("Status: Displaying capture analysis summary");
+    const jsonCapture = getJsonCapture();
+    if (jsonCapture === "" || jsonCapture === null || jsonCapture === undefined) {
+      statusUpdate("Status: No JSON file loaded, please upload a file first");
+      return;
+    }
+
+    documentRef.getElementById("packetInfoPane").style.display = "none";
+    documentRef.getElementById("packetPayloadPane").style.display = "none";
+    documentRef.getElementById("prev-btn").style.display = "none";
+    documentRef.getElementById("next-btn").style.display = "none";
+    documentRef.getElementById("stats_box").style.display = "none";
+    documentRef.getElementById("data_tools_box").style.display = "none";
+    documentRef.getElementById("crypt_box").style.display = "none";
+    documentRef.getElementById("keystore_box").style.display = "none";
+    documentRef.getElementById("list_box").style.display = "none";
+    documentRef.getElementById("notes_box").style.display = "none";
+    documentRef.getElementById("rightside").style.display = "none";
+    documentRef.getElementById("summary_content").textContent =
+      getFinalSummary() || "No LLM summary available.";
+    documentRef.getElementById("summary_box").style.display = "block";
+    fileLoaded(true);
+  }
+
+  function showSummaryLoading() {
+    const summaryContentEl = documentRef.getElementById("summary_content");
+    if (!summaryContentEl) return;
+    summaryContentEl.innerHTML = SUMMARY_LOADING_MARKUP;
+  }
+
+  function clearSummaryContent() {
+    const summaryContentEl = documentRef.getElementById("summary_content");
+    if (!summaryContentEl) return;
+    summaryContentEl.textContent = "";
+  }
+
+  const summaryBtnEl = documentRef.getElementById("summary-btn");
+  if (summaryBtnEl) {
+    summaryBtnEl.addEventListener("click", showSummary);
+  }
+
+  return {
+    showSummary,
+    showSummaryLoading,
+    clearSummaryContent,
+  };
+}
+
+module.exports = { createSummaryPanel };

package/webpack.main.config.js

@@ -0,0 +1,11 @@
+module.exports = {
+  /**
+   * This is the main entry point for your application, it's the first file
+   * that runs in the main process.
+   */
+  entry: './src/main.js',
+  // Put your normal webpack config below here
+  module: {
+    rules: require('./webpack.rules'),
+  },
+};

package/webpack.plugins.js

@@ -0,0 +1,13 @@
+const path = require('path');
+const CopyPlugin = require('copy-webpack-plugin');
+
+module.exports = [
+  new CopyPlugin({
+    patterns: [
+      {
+        from: path.resolve(__dirname, 'src/assets'),
+        to: 'assets',
+      },
+    ],
+  }),
+];

package/webpack.preload.config.js

@@ -0,0 +1,7 @@
+module.exports = {
+  // ...existing config
+  target: 'electron-preload',
+  externals: {
+    fs: 'commonjs2 fs',
+  },
+};

package/webpack.renderer.config.js

@@ -0,0 +1,30 @@
+const rules = require('./webpack.rules');
+const plugins = require('./webpack.plugins');
+const webpack = require('webpack');
+
+rules.push({
+  test: /\.css$/,
+  use: [{ loader: 'style-loader' }, { loader: 'css-loader' }],
+});
+
+module.exports = {
+  // Put your normal webpack config below here
+  module: {
+    rules,
+  },
+  resolve: {
+    fallback: {
+      buffer: require.resolve('buffer/'),
+      process: require.resolve('process/browser'),
+      stream: require.resolve('stream-browserify'),
+      vm: require.resolve('vm-browserify'),
+    },
+  },
+  plugins: [
+    ...plugins,
+    new webpack.ProvidePlugin({
+      Buffer: ['buffer', 'Buffer'],
+      process: 'process/browser',
+    }),
+  ],
+};

package/webpack.rules.js

@@ -0,0 +1,35 @@
+module.exports = [
+  // Add support for native node modules
+  {
+    // We're specifying native_modules in the test because the asset relocator loader generates a
+    // "fake" .node file which is really a cjs file.
+    test: /native_modules[/\\].+\.node$/,
+    use: 'node-loader',
+  },
+  {
+    test: /[/\\]node_modules[/\\].+\.(m?js|node)$/,
+    parser: { amd: false },
+    use: {
+      loader: '@vercel/webpack-asset-relocator-loader',
+      options: {
+        outputAssetBase: 'native_modules',
+      },
+    },
+  },
+  // Put your webpack loader rules in this array.  This is where you would put
+  // your ts-loader configuration for instance:
+  /**
+   * Typescript Example:
+   *
+   * {
+   *   test: /\.tsx?$/,
+   *   exclude: /(node_modules|.webpack)/,
+   *   loaders: [{
+   *     loader: 'ts-loader',
+   *     options: {
+   *       transpileOnly: true
+   *     }
+   *   }]
+   * }
+   */
+];