ngrep
« Back to VersTracker
Description:
Network grep
Type: Formula  |  Latest Version: 1.48.3@0  |  Tracked Since: Nov 6, 2025
Links: Homepage  |  formulae.brew.sh
Category: Networking
Tags: networking packet-sniffer cli debugging security
Install: brew install ngrep
About:
ngrep is a command-line network traffic analyzer that applies grep-like pattern matching to network packets. It can capture and filter packets in real-time using Berkeley Packet Filter (BPF) syntax or PCRE regular expressions. This makes it ideal for inspecting specific protocol payloads without the overhead of a full GUI packet analyzer.
Key Features:
  • Real-time packet capture with regex-based payload filtering
  • Support for multiple protocols including TCP, UDP, ICMP, and others
  • BPF and PCRE pattern matching capabilities
  • Verbose mode for detailed packet inspection
  • Can write captured data to pcap files for analysis in Wireshark
Use Cases:
  • Debugging application-level network protocols by searching for specific data patterns
  • Security monitoring to detect suspicious network activity or known attack signatures
  • Troubleshooting network services by filtering traffic between specific hosts and ports
Alternatives:
  • tcpdump – tcpdump captures all traffic but lacks built-in regex payload filtering; ngrep adds grep-like pattern matching on top of capture
  • Wireshark – Wireshark provides a comprehensive GUI for deep packet analysis, while ngrep offers a lightweight CLI alternative for targeted pattern searches
  • tshark – tshark is the CLI version of Wireshark with full protocol decoding; ngrep is simpler and more focused on regex matching
Version History
Detected Version Rev Change Commit
Nov 6, 2025 10:44pm 0 VERSION_BUMP afa26f1d
Sep 16, 2025 5:21pm 0 VERSION_BUMP ea975219
« Back to VersTracker  |  Browse Packages  |  About