{"id":648,"date":"2008-05-25T13:18:40","date_gmt":"2008-05-25T11:18:40","guid":{"rendered":"http:\/\/www.corelan.be:8800\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/"},"modified":"2008-05-25T13:18:40","modified_gmt":"2008-05-25T11:18:40","slug":"free-tool-pve-pcap-statistics-collector","status":"publish","type":"post","link":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/","title":{"rendered":"Free tool - PVE pcap statistics collector"},"content":{"rendered":"

Keywords : Wireshark Out Of Memory tcpdump statistics pcap<\/font><\/p>\n

The story I'm about to tell may sound familiar to most of you. You've been asked to gather some bandwidth utilization statistics on one of your servers. You've installed Wireshark on the server to capture all traffic, or you've used linux' tcpdump to capture all traffic. You've tried to open the capture file in Wireshark so you could look at the bandwidth utilization... but Wireshark doesn't like your big file and dies with the following message :<\/p>\n

Out Of Memory!<\/p>\n

Sorry, but Wireshark has to terminate now!<\/p>\n

\"image_2\"<\/a> <\/p>\n

(Well, in fact, Wireshark is not to blame here - it's just your system that cannot handle that amount of data in memory)<\/p>\n

I came across this scenario many times. And I decided to write a little tool that will just read the file and dump out the statistics, without putting a huge burden on your memory. After all, I don't care about the packet details at this time... I just want to gather some basic statistics.<\/p>\n

The tool is called PVE pcap statistics collector and can be downloaded from http:\/\/users.telenet.be\/internet.activities\/freetools\/pvepcapstats\/index.htm<\/a><\/p>\n

As usual - the tool is free.<\/p>\n

Note : if you need more info from the wireshark capture files, please have a look at this document<\/a> and look at the tshark tool<\/p>\n

 <\/p>\n

This is how it works :<\/u><\/p>\n

First of all, install the application. Make sure you have winpcap installed as well.<\/p>\n

The application is a command line utility, so you'll need to open a command prompt and go to the path where the tool is installed.  Usually, this will be C:\\Program Files\\Peter Van Eeckhoutte\\PVEpcapStats\\<\/p>\n\n\n\n
\n
C:\\Program Files\\Peter Van Eeckhoutte\\PVEpcapStats><\/span><\/b>dir<\/span><\/i>\n Volume in drive C has no label.\n Volume Serial Number is 585F-8B81\n\n Directory of C:\\Program Files\\Peter Van Eeckhoutte\\PVEpcapStats\n\n25\/05\/2008  15:47    <DIR>          .\n25\/05\/2008  15:47    <DIR>          ..\n25\/05\/2008  15:29            53.248 PVEPcapStats.exe\n25\/05\/2008  15:29           159.744 PVESharpPcap.dll\n               2 File(s)        212.992 bytes\n               2 Dir(s)  26.953.371.648 bytes free<\/font><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
 <\/p>\n
You can launch the tool by running "pvepcapstats.exe"<\/p>\n
If you don't provide any command line arguments, you'll get the banner and some syntax information :<\/p>\n\n\n\n
\n
C:\\Program Files\\Peter Van Eeckhoutte\\PVEpcapStats><\/span><\/b>PVEPcapStats.exe<\/span><\/i>\n\n---------------------------------------------------------\nPVE Wireshark\/tcpdump statistics collector\nWritten by Peter Van Eeckhoutte\nhttps:\/\/petersblog.dyndns.org:8899\nVersion 1.0.0.6\n---------------------------------------------------------\n\n  Usage : PVEPcapStats.exe -f <tcpdump\/wireshark capture file>\n     Optional arguments :\n       -s <starttime> -e <endtime>\n          Put both the starttime and endtime values between double quotes\n          This setting will force the application to only look at packets\n          that were captured between <starttime> and <endtime>\n       -m <nr of minutes>\n          If you specify the -m parameter, followed by a number\n          then a txt textfile (tab separated) will be created, containing some\n          statistics, grouped by the specified number of minutes\n       -p <portnumber,portnumber,...>\n          The -p parameter allows you to filter on port number(s)\n          The statistics will only be based on these TCP\/UDP port numbers\n          The port numbers (if multiple) must be comma separated.\n          Don't put spaces between the ports !<\/font><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
You may notice that the application appears to delay right after "Version...".  This is because, at that time, it will attempt to see if there is a newer version available. <\/p>\n
What do the arguments mean ?<\/p>\n
First of all, you need to feed the name of the wireshark\/tcpdump file to the application. Use the parameter -f to specify the filename. If the filename contains spaces, make sure to put the filename between double quotes.<\/p>\n
If you run the tool with just the -f parameter, you'll get the overall statistics for the entire pcap file, including the date & time of the first and last packet. <\/p>\n\n\n\n
\n
C:\\Program Files\\Peter Van Eeckhoutte\\PVEpcapStats><\/span><\/b>PVEPcapStats.exe -f "tcpdump capture.cap"<\/span><\/i>\n---------------------------------------------------------\nPVE Wireshark\/tcpdump statistics collector\nWritten by Peter Van Eeckhoutte\nhttps:\/\/petersblog.dyndns.org:8899\nVersion 1.0.0.6\n---------------------------------------------------------\n  Parameters detected :\n  - Pcap file :\n    tcpdump capture.cap\n\n[+] Please wait while processing Wireshark\/tcpdump file...\n\n[+] Statistics overview :\n\n  tcpdump file size                         : 1073746328 Bytes\n                                              (1024 MBytes)\n  First packet timestamp                    : 15\/05\/2008 14:53:30\n  Last packet timestamp                     : 15\/05\/2008 15:58:49\n  Nr of secs between first and last packet  : 3919\n  Nr of packets read                        : 988459\/988459\n  Total size of all analyzed packets        : 1057930960 Bytes\n  Average packet size                       : 1070,28 Bytes\n  Average Bytes\/sec                         : 269949,212\n          Megabits\/sec                      : 2,060<\/font>\n<\/font><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n  
If you are only interested in a specific part of the libpcap file, you can specify a starttime and endtime (Date + time in both cases. When specifying a start and end date\/timestamp, make sure to verify the format of the Date & Time string, so it matches the format of the output on your screen).  All other data in the libpcap capture file will be ignored. In order to set this up, you'll need to use the -s (start time) and -e (end time) parameters.  Put both date&timestamps between double quotes.<\/p>\n
Make sure not to specify timestamps that are outside of the captured file contents.  Otherwise, the calculated average bandwidth will be wrong.<\/p>\n
You can use the the -m parameter to create a tab separated txt file, that contains bundled statistics, grouped by the number of minutes you've specified.  So if you logfile contains 1 hour of data, and if you specify -m 10, then you'll get a txt file with 6 entries. Every entry will have the average bandwidth, packetsize, etc, for these 10 minutes.<\/p>\n
By default, if the file bandwidthstats.txt does not exist, a new file will be created.  If the file does exist, info will be appended.  Don't forget to move\/rename older txt files if you want to perform stats on a new set of data files.<\/p>\n
Last but not least, you can tell the application to only look at traffic that contains certain ports. You can only filter on tcp\/udp ports.  You can specify multiple ports by comma-separating the port numbers. Make sure not to put any spaces between the various port numbers.<\/p>\n
An example :<\/p>\n
Suppose your capture file is called  "tcpdump capture.cap" and is located in the same folder as the application.  In order to get the start and end time of the capture file, you could run the tool with only the -f parameter (see above). Based on this information, you can further refine the statistics collection task.<\/p>\n
If you are only interested in the packets between 14:55 and 15:55, and you want to get a txt file with the statistics for every 5 minutes in that time window, and if you only want to see traffic that uses port 1352 and port 25, then this would be the command line you need to use :<\/p>\n\n\n\n
\n
C:\\Program Files\\Peter Van Eeckhoutte\\PVEpcapStats><\/font><\/span><\/b>PVEPcapStats.exe -f "tcpdump capture.cap" <\/span><\/i><\/font><\/pre>\n
  -s "15\/05\/2008 14:55:00" -e "15\/05\/2008 15:55:00" -m 5 -p 1352,25<\/span><\/i>\n\n---------------------------------------------------------\nPVE Wireshark\/tcpdump statistics collector\nWritten by Peter Van Eeckhoutte\nhttps:\/\/petersblog.dyndns.org:8899\nVersion 1.0.0.6\n---------------------------------------------------------\n  Parameters detected :\n  - Pcap file :\n    tcpdump capture.cap\n  - Only process packets that have been captured between :\n      15\/05\/2008 14:55:00\n      and\n      15\/05\/2008 15:55:00\n  - Use output file with bandwidth statistics, bundled into\n    windows of 5 minutes\n    ** If file 'bandwidthstats.txt' already exists, data will be appended ! **\n  - TCP\/UDP port(s) to look at : 1352,25\n\n[+] Please wait while processing Wireshark\/tcpdump file...\n\n[+] Statistics overview :\n\n  tcpdump file size                         : 1073746328 Bytes\n                                              (1024 MBytes)\n  First packet timestamp                    : 15\/05\/2008 14:53:30\n  Last packet timestamp                     : 15\/05\/2008 15:58:49\n  Analysis start timestamp                  : 15\/05\/2008 14:55:00\n  Analysis end timestamp                    : 15\/05\/2008 15:55:00\n  Nr of secs between first and last packet  : 3600\n  Nr of packets read                        : 909873\/988459\n  Total size of all analyzed packets        : 976218629 Bytes\n  Average packet size                       : 1072,92 Bytes\n  Average Bytes\/sec                         : 271171,841\n          Megabits\/sec                      : 2,069<\/font><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
 <\/p>\n
The bandwidthstats.txt looks like this :<\/p>\n
\"image_6\"<\/a> <\/p>\n
If you want to analyze the entire file, and create a bandwidthstats file that contains averages for every minute, use this command :<\/p>\n\n\n\n
\n
C:\\Program Files\\Peter Van Eeckhoutte\\PVEpcapStats><\/span><\/b>PVEPcapStats.exe -f "tcpdump capture.cap" <\/span><\/i><\/font>-m 1<\/span><\/i>\n---------------------------------------------------------\nPVE Wireshark\/tcpdump statistics collector\nWritten by Peter Van Eeckhoutte\nhttps:\/\/petersblog.dyndns.org:8899\nVersion 1.0.0.6\n---------------------------------------------------------\n  Parameters detected :\n  - Pcap file :\n    tcpdump capture.cap\n  - Use output file with bandwidth statistics, bundled into\n    windows of 1 minutes\n    ** If file 'bandwidthstats.txt' already exists, data will be appended ! **\n\n[+] Please wait while processing Wireshark\/tcpdump file...\n\n[+] Statistics overview :\n\n  tcpdump file size                         : 1073746328 Bytes\n                                              (1024 MBytes)\n  First packet timestamp                    : 15\/05\/2008 14:53:30\n  Last packet timestamp                     : 15\/05\/2008 15:58:49\n  Nr of secs between first and last packet  : 3919\n  Nr of packets read                        : 988459\/988459\n  Total size of all analyzed packets        : 1057930960 Bytes\n  Average packet size                       : 1070,28 Bytes\n  Average Bytes\/sec                         : 269949,212\n          Megabits\/sec                      : 2,060<\/font><\/pre>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
 <\/p>\n
Open the txt file in a tool such as MS Excel and you'll be able to create some nice graphs about your bandwidth utilization.<\/p>\n
Enjoy - and let me know if something doesn't work as expected...<\/p>\n
Note : in order to interprete the results correctly, make sure to verify your decimal\/thousands separator settings on your computer. On my computer, the regional settings are set to , = decimal separator.  <\/p>\n","protected":false},"excerpt":{"rendered":"
Keywords : Wireshark Out Of Memory tcpdump statistics pcap The story I'm about to tell may sound familiar to most of you. You've been asked to gather some bandwidth utilization statistics on one of your servers. You've installed Wireshark on the server to capture all traffic, or you've used linux' tcpdump to capture all traffic. … Continue reading \"Free tool - PVE pcap statistics collector\"<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[488,164,127],"tags":[484],"class_list":["post-648","post","type-post","status-publish","format-standard","hentry","category-corelan-free-tools","category-networking","category-security","tag-free-tool"],"yoast_head":"\nFree tool - PVE pcap statistics collector - Corelan | Exploit Development & Vulnerability Research<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Free tool - PVE pcap statistics collector - Corelan | Exploit Development & Vulnerability Research\" \/>\n<meta property=\"og:description\" content=\"Keywords : Wireshark Out Of Memory tcpdump statistics pcap The story I'm about to tell may sound familiar to most of you. You've been asked to gather some bandwidth utilization statistics on one of your servers. You've installed Wireshark on the server to capture all traffic, or you've used linux' tcpdump to capture all traffic. … Continue reading "Free tool - PVE pcap statistics collector"\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/\" \/>\n<meta property=\"og:site_name\" content=\"Corelan | Exploit Development & Vulnerability Research\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/corelanconsulting\" \/>\n<meta property=\"article:published_time\" content=\"2008-05-25T11:18:40+00:00\" \/>\n<meta name=\"author\" content=\"corelanc0d3r\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@corelanc0d3r\" \/>\n<meta name=\"twitter:site\" content=\"@corelanc0d3r\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"TechArticle\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2008\\\/05\\\/25\\\/free-tool-pve-pcap-statistics-collector\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2008\\\/05\\\/25\\\/free-tool-pve-pcap-statistics-collector\\\/\"},\"author\":{\"name\":\"corelanc0d3r\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#\\\/schema\\\/person\\\/3be5542b9b0a0787893db83a5ad68e8f\"},\"headline\":\"Free tool - PVE pcap statistics collector\",\"datePublished\":\"2008-05-25T11:18:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2008\\\/05\\\/25\\\/free-tool-pve-pcap-statistics-collector\\\/\"},\"wordCount\":897,\"publisher\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#organization\"},\"keywords\":[\"free tool\"],\"articleSection\":[\"Corelan Free Tools\",\"Networking\",\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2008\\\/05\\\/25\\\/free-tool-pve-pcap-statistics-collector\\\/\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2008\\\/05\\\/25\\\/free-tool-pve-pcap-statistics-collector\\\/\",\"name\":\"Free tool - PVE pcap statistics collector - Corelan | Exploit Development & Vulnerability Research\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#website\"},\"datePublished\":\"2008-05-25T11:18:40+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2008\\\/05\\\/25\\\/free-tool-pve-pcap-statistics-collector\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2008\\\/05\\\/25\\\/free-tool-pve-pcap-statistics-collector\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/2008\\\/05\\\/25\\\/free-tool-pve-pcap-statistics-collector\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.corelan.be\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Free tool – PVE pcap statistics collector\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#website\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/\",\"name\":\"Corelan CyberSecurity Research\",\"description\":\"Corelan publishes in-depth tutorials on exploit development, Windows exploitation, vulnerability research, heap internals, reverse engineering and security tooling used by professionals worldwide.\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.corelan.be\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#organization\",\"name\":\"Corelan CyberSecurity Research\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.corelan.be\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/corelanlogo2_small-20.png\",\"contentUrl\":\"https:\\\/\\\/www.corelan.be\\\/wp-content\\\/uploads\\\/2026\\\/03\\\/corelanlogo2_small-20.png\",\"width\":200,\"height\":200,\"caption\":\"Corelan CyberSecurity Research\"},\"image\":{\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/corelanconsulting\",\"https:\\\/\\\/x.com\\\/corelanc0d3r\",\"https:\\\/\\\/x.com\\\/corelanconsulting\",\"https:\\\/\\\/instagram.com\\\/corelanconsult\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.corelan.be\\\/#\\\/schema\\\/person\\\/3be5542b9b0a0787893db83a5ad68e8f\",\"name\":\"corelanc0d3r\",\"pronouns\":\"he\\\/him\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x\",\"caption\":\"corelanc0d3r\"},\"description\":\"Peter Van Eeckhoutte is the founder of Corelan and a globally recognized expert in exploit development and vulnerability research. With over two decades in IT security, he built Corelan into a respected platform for deep technical research, hands-on training, and knowledge sharing. Known for his influential exploit development tutorials, tools, and real-world training, Peter combines a strong research mindset with a passion for education\u2014helping security professionals understand not just how exploits work, but why.\",\"sameAs\":[\"https:\\\/\\\/www.corelan-training.com\",\"https:\\\/\\\/instagram.com\\\/corelanc0d3r\",\"https:\\\/\\\/www.linkedin.com\\\/in\\\/petervaneeckhoutte\\\/\",\"https:\\\/\\\/x.com\\\/corelanc0d3r\"],\"url\":\"https:\\\/\\\/www.corelan.be\\\/index.php\\\/author\\\/admin0\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Free tool - PVE pcap statistics collector - Corelan | Exploit Development & Vulnerability Research","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/","og_locale":"en_US","og_type":"article","og_title":"Free tool - PVE pcap statistics collector - Corelan | Exploit Development & Vulnerability Research","og_description":"Keywords : Wireshark Out Of Memory tcpdump statistics pcap The story I'm about to tell may sound familiar to most of you. You've been asked to gather some bandwidth utilization statistics on one of your servers. You've installed Wireshark on the server to capture all traffic, or you've used linux' tcpdump to capture all traffic. … Continue reading \"Free tool - PVE pcap statistics collector\"","og_url":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/","og_site_name":"Corelan | Exploit Development & Vulnerability Research","article_publisher":"https:\/\/www.facebook.com\/corelanconsulting","article_published_time":"2008-05-25T11:18:40+00:00","author":"corelanc0d3r","twitter_card":"summary_large_image","twitter_creator":"@corelanc0d3r","twitter_site":"@corelanc0d3r","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"TechArticle","@id":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/#article","isPartOf":{"@id":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/"},"author":{"name":"corelanc0d3r","@id":"https:\/\/www.corelan.be\/#\/schema\/person\/3be5542b9b0a0787893db83a5ad68e8f"},"headline":"Free tool - PVE pcap statistics collector","datePublished":"2008-05-25T11:18:40+00:00","mainEntityOfPage":{"@id":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/"},"wordCount":897,"publisher":{"@id":"https:\/\/www.corelan.be\/#organization"},"keywords":["free tool"],"articleSection":["Corelan Free Tools","Networking","Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/","url":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/","name":"Free tool - PVE pcap statistics collector - Corelan | Exploit Development & Vulnerability Research","isPartOf":{"@id":"https:\/\/www.corelan.be\/#website"},"datePublished":"2008-05-25T11:18:40+00:00","breadcrumb":{"@id":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.corelan.be\/index.php\/2008\/05\/25\/free-tool-pve-pcap-statistics-collector\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.corelan.be\/"},{"@type":"ListItem","position":2,"name":"Free tool – PVE pcap statistics collector"}]},{"@type":"WebSite","@id":"https:\/\/www.corelan.be\/#website","url":"https:\/\/www.corelan.be\/","name":"Corelan CyberSecurity Research","description":"Corelan publishes in-depth tutorials on exploit development, Windows exploitation, vulnerability research, heap internals, reverse engineering and security tooling used by professionals worldwide.","publisher":{"@id":"https:\/\/www.corelan.be\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.corelan.be\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.corelan.be\/#organization","name":"Corelan CyberSecurity Research","url":"https:\/\/www.corelan.be\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.corelan.be\/#\/schema\/logo\/image\/","url":"https:\/\/www.corelan.be\/wp-content\/uploads\/2026\/03\/corelanlogo2_small-20.png","contentUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2026\/03\/corelanlogo2_small-20.png","width":200,"height":200,"caption":"Corelan CyberSecurity Research"},"image":{"@id":"https:\/\/www.corelan.be\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/corelanconsulting","https:\/\/x.com\/corelanc0d3r","https:\/\/x.com\/corelanconsulting","https:\/\/instagram.com\/corelanconsult"]},{"@type":"Person","@id":"https:\/\/www.corelan.be\/#\/schema\/person\/3be5542b9b0a0787893db83a5ad68e8f","name":"corelanc0d3r","pronouns":"he\/him","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","url":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","caption":"corelanc0d3r"},"description":"Peter Van Eeckhoutte is the founder of Corelan and a globally recognized expert in exploit development and vulnerability research. With over two decades in IT security, he built Corelan into a respected platform for deep technical research, hands-on training, and knowledge sharing. Known for his influential exploit development tutorials, tools, and real-world training, Peter combines a strong research mindset with a passion for education\u2014helping security professionals understand not just how exploits work, but why.","sameAs":["https:\/\/www.corelan-training.com","https:\/\/instagram.com\/corelanc0d3r","https:\/\/www.linkedin.com\/in\/petervaneeckhoutte\/","https:\/\/x.com\/corelanc0d3r"],"url":"https:\/\/www.corelan.be\/index.php\/author\/admin0\/"}]}},"views":3240,"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts\/648","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/comments?post=648"}],"version-history":[{"count":0,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts\/648\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/media?parent=648"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/categories?post=648"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/tags?post=648"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}