I recently published a small open-source project. It’s a minimal network packet analyzer written in Go — designed more like a learning toy than a replacement for Wireshark.
It currently supports parsing basic protocols like TLS, DNS, and HTTP, and includes a tiny fuzzing engine to test payload responses. You can inspect raw packet content directly from the terminal. The output is colored for readability, and the code structure is kept simple and clear.
The entire program is very small — just about 400 lines of Go code. I know it’s not anywhere near Wireshark’s level, and I still use Wireshark myself for real-world analysis. But I built it as a personal experiment in network parsing and to understand protocol behavior more directly.
If you're curious or would like to try it out, the project is here: https://github.com/lixiasky/vanta
I'm happy to hear your thoughts, suggestions, or critiques. It’s just a little network toy, but maybe someone out there finds it useful or fun.
Thanks for reading!
I'm just an undergrad student in China (not even CS major, unfortunately), and this little project was my way of saying thanks — to the schools that stood up bravely.
Really appreciate your kind words. Let’s see what comes next. :)
I hope that's ok with you! The alternative would be to move it under https://news.ycombinator.com/item?id=44161021, but it's a really nice comment so I don't want to do that.
How I parsed IP for example:
type Addr [4]uint8
func (ip Addr) String() string {
return fmt.Sprintf("%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3])
}
type Hdr struct {
Version uint8
IHL uint8
DSCP uint8
ECN uint8
Length uint16
Id uint16
Flags uint8
Fragoffset uint16
TTL uint8
Protocol uint8
Checksum uint16
Src Addr
Dst Addr
}
func (hdr *Hdr) Parse(d []byte) error {
hdr.Version = uint8(d[0] >> 4)
hdr.IHL = uint8(d[0] & 0x0f)
hdr.DSCP = uint8(d[1] >> 6)
hdr.ECN = uint8(d[1] & 0x03)
hdr.Length = uint16(binary.BigEndian.Uint16(d[2:4]))
hdr.Id = uint16(binary.BigEndian.Uint16(d[4:6]))
hdr.Flags = uint8(d[6] >> 5)
hdr.Fragoffset = uint16(binary.BigEndian.Uint16(d[6:8])) & 0x1fff
hdr.TTL = d[8]
hdr.Protocol = d[9]
hdr.Checksum = uint16(binary.BigEndian.Uint16(d[10:12]))
hdr.Src = Addr{d[12], d[13], d[14], d[15]}
hdr.Dst = Addr{d[16], d[17], d[18], d[19]}
if hdr.IHL > 5 {
fmt.Println("extra options detected") // TODO: support for extra options
}
return nil
}Yeah, I’m currently using gopacket mainly to get something working fast, but I’ve been thinking about writing my own parsers from scratch to understand the protocols better.
Your Hdr example is really clean — definitely saving this as reference! I love how direct and readable it is.
I’ll definitely try going lower level when I revisit the packet layer logic. Thanks again for the nudge
The features you mentioned sound awesome. I might give it a try later on—supporting stream breaks and debug controls sounds really fun
If it happens to fill a niche, that’s a lucky bonus
Curios what made you choose Go for this project? I am looking into building a toy version of Burp with either Rust/Go but still undecided.
I'm still a student, and I don’t have super big ambitions yet — I just wanted to build something I could actually finish and understand
Rust is amazing, but I haven’t started learning it seriously yet. It feels a bit overwhelming at this stage. Maybe one day, when I'm ready to dive deeper!
Good luck with your Burp project too — I’d love to see it if you share it someday!
I have no idea if you could make any use of such a thing, but, if you email info@rsync.net we would be happy to give a free-forever account to use in any way you see fit.
Note that none of this has to do with vanta itself; it's solely because it depends on libpcap, and libpcap depends on all of those other libraries. Still, it does mean that cross-compiling isn't notably easier than just building tcpdump itself.
I chose go mainly for static binaries (no install steps needed for the end user), and also because I have been really enjoying writing go programs lately, mainly because of the simplicity without too much of a tradeoff for speed.
Yes, Vanta currently relies on gopacket for packet capture and parsing. As a student, my main goal was to build something clear, functional, and real — rather than reinvent everything from scratch.
I'm actively learning the details of network protocols, and I do plan to write some custom parsers later, both for flexibility and personal understanding. But at this stage, I think it’s more important to deliver a meaningful tool than to prove I can reimplement low-level stacks.
In the long run, I may gradually replace parts of gopacket, but right now it's an important and reliable foundation for the project.
(And honestly — finishing something real matters more to me than perfection )
https://trends.google.com/trends/explore?date=today%205-y&q=...
> I’m just an ordinary undergraduate with no resources or background. This is my way of responding — not by petition, but through code. Vanta may be small, but it’s real, and it’s mine.
This comes off as super ChatGPT-y to me. "X is not y — it's Z! Preamble, passionate statement. Sycophantic encouraging statement — list, of, a, few, things, but also this. Summarize statement, but this other thing, and saying the same thing again but in a slightly different way."
I've given up on ChatGPT because of this style of writing.
So yeah, that probably shaped the way I wrote this. You’re right though — reading it again, it does sound kinda overly polished.
I’ll try to keep future writing more personal and grounded. Still learning — and thanks for reading it at all. That already means a lot!
AIs also use the word "the" frequently.
I think this notion that em dash always means chatgpt is an overview correction.
If OP was an actual company, that would be different. But this is quite literally a toy project.
Anyway, congrats OP! Your project looks really cool.
I agree that having discussion get consumed by the name is unfortunate and off-topic. It's also predictable, alas (https://news.ycombinator.com/item?id=44161041) but we have various tricks to try to dampen it.
with the added benefit that the software family could be extended in the future with other learning exercises such as a Rust forum engine named Ranta
/s
Obviously, there are often different services that share the same name, but given that Vanta isn't an actual word in the English language, I would think this might be confusing for people.
As a data point of one, I just assumed Vanta (the company) was doing a Show HN today and was confused at first glance.
Did the title of the post change? At first glance the Show HN is a toy wireshark program very far from any Trust Management and compliance
The world is a big place. I bet this kid had no idea that the name was "taken"—either that or they assumed their project was so obviously different that no one would care.
Little did they realize that internet discussions go into seizure about names under all too many conditions.
Vanta (and the auditors they market) is a nice company I'm happy user of but I'm afraid they won't be too pleased with this.
Your project is a pretty nice overview of what network level monitoring encompasses, I'd say it's more than a tool, it has obvious educational value. Would be sad to see it buried under naming issues.
I'm surprised that the Chicago equity firm didn't have vanta.com registered (they're on https://vantaglobal.com).
You weren't even the first to have Vanta registered in your sector. Nvidia has that registered at one point but didn't use the name and it became "dead".
All I'm saying really is that maybe you should look at yourself before you ask someone else to change their project's name.
https://www.smithsonianmag.com/smart-news/artist-only-person...