It was 11 PM and a microservice in staging was making calls to some unknown external IP every 30 seconds. It wasn't mine — it belonged to another team — and they'd asked me to look at it because "something weird was going on with the network." I opened Wireshark. It hit me with 47 different filters and an interface that feels deliberately designed to make you feel stupid. Then I tried tcpdump in the terminal, which gave me exactly what I expected: a waterfall of incomprehensible text scrolling at infinite speed.
At that point I wanted something simple. I didn't want to dissect TCP packets at the byte level. I wanted to know: who's talking to whom, how much volume, and from which process? That. Nothing else.
That's when I found Sniffnet, and honestly it changed my workflow for that kind of debugging. It's not an offensive security tool and it doesn't pretend to replace anything professional. It's exactly what I needed: real visibility, fast, with zero friction.
What it does
Sniffnet is an open-source network traffic monitoring application written in Rust that runs on Windows, macOS, and Linux. You can install it as a standalone binary — no external dependencies to break your brain — or via cargo install sniffnet if you already have the Rust ecosystem set up.






