Which tool analyzes packet-capture files produced by tools such as tcpdump and Wireshark?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Which tool analyzes packet-capture files produced by tools such as tcpdump and Wireshark?

Explanation:
tcptrace is designed to analyze packet capture files and extract TCP-level performance metrics from traces produced by tools like tcpdump or Wireshark. It parses the captured traffic, reconstructs each TCP connection, and computes statistics such as retransmissions, round-trip times, throughput, and window usage. This specialized analysis turns raw captures into meaningful TCP behavior reports and graphs.

Wireshark, while a powerful protocol analyzer, focuses on inspecting individual packets and protocols within a capture rather than delivering the broader TCP trace statistics tcptrace provides. tcpdump’s primary role is to capture packets; it can save them to a file, but it isn’t the tool that compiles TCP-level analysis from those traces. Nmap is a network scanner for discovering hosts and services, not a tool for analyzing packet-capture traces.
