The library Pcap (from the English. Packet Capture ) allows you to create programs for analyzing network data arriving at the network interface card of the computer. An example of software using the Pcap library is Wireshark . A variety of network monitoring and testing programs, sniffers use this library. It is intended for use with C / C ++ languages , and it uses wrappers to work with the library in other languages, such as Java , .NET . For Unix-like systems, this is the libpcap library, and for Microsoft Windows, it is WinPcap. Network monitoring software can use libpcap or WinPcap to capture packets traveling around the network and (in newer versions) to transfer packets on the network. Libpcap and WinPcap also support saving captured packets to a file and reading files containing saved packets. Programs written based on libpcap or WinPcap can capture network traffic and analyze it. The captured traffic file is saved in a format understandable for applications using Pcap.
| Libpack | |
|---|---|
| Type of | |
| Developer | The tcpdump group |
| License | Three point BSD license |
| Site | tcpdump.org |
Content
WinPcap
| Winpcap | |
|---|---|
| Type of | |
| operating system | Microsoft Windows , Windows NT |
| Latest version | 4.1.3 (March 8, 2013) |
| License | BSD license with three points , partly with four points and others. |
| Site | winpcap.org |
The package WinPcap for Microsoft Windows includes:
- drivers for Windows 95/98 / Me , and for the Windows NT family ( Windows NT 4.0 , Windows 2000 , Windows XP , Windows Server 2003 , Windows Vista , etc.), which use NDIS to read packets that a network card receives;
- low-level libraries for interacting with network interface drivers.
Disadvantages - it works far from all non-standard adapters (Wi-Fi-cards, VPN, etc.).
Win10Pcap
| Win10Pcap | |
|---|---|
| Type of | |
| Developer | Daiyuu nobori |
| operating system | Microsoft Windows , Windows NT |
| Latest version | 10.2.5002 (October 8, 2015) |
| License | GPL v2 |
| Site | win10pcap.org |
A new version of the package called Win10Pcap was created on the basis of WinPcap. Unlike the original WinPcap, Win10Pcap is compatible with the NDIS 6.x driver model for stable Windows 10. Win10Pcap also supports IEEE802.1Q VLAN tagging. Win10Pcap is binary compatible with applications using the WinPcap libraries. Win10Pcap was created as a personal project by Daiyuu Nobori, Doctor of Technical Sciences, University of Tsukuba , Japan. Some components of Win10Pcap were borrowed from WinPcap.
Win10Pcap runs on Windows 10 (x86 and x64), 8.1, 8, 7 client servers and Windows Server 2016, 2012 R2, 2012 and 2008 servers. On June 8, 2015, the driver for Microsoft Windows 10 with kernel mode support received the Microsoft Windows 10 logo Compatible.
Some programs using libpcap / WinPcap
- tcpdump , A tool for capturing, saving packages and for further analysis.
- Wireshark (also Ethereal), A handy program with an advanced graphical interface for capturing and analyzing network data.
- Snort , Network Attack Detection System.
- Nmap , a port-scan fingerprinting
- the Bro IDS Network Monitoring.
- URL Snooper , defines the URLs of audio and video files so that they can be recorded.
- Kismet , for 802.11 wireless LAN.
- AppRadar , Database intrusion detection system.
- L0phtCrack password checker.
- AutoScan Network, a network attack detection program.
- WallCooler VPN Remote access to a virtual private VPN network.
- pTraffer A system for collecting, indexing and searching for information with the notification of the appearance of keywords
- HiDownload , download manager with built-in sniffer
- SSl Strip program for hacking on the Internet
- SING , spoofer
- Darkstat , traffic monitoring
- Proteus , a software package for computer-aided design (CAD) electronic circuits
Wrappers for using libpcap / WinPcap in languages ββother than C and C ++
Notes
Links
- The official libpcap website (and tcpdump)
- WinPcap official site (and WinDump)
- Pcapy official website
- SourceForge page for python-libpcap
- Ruby / Pcap Official Website
- Ssldump site sourceforge
- Tclpcap official website
- List of pcap applications
- AutoScan Network software site
- Libpcap ++ website
- Pcap based application examples