hsluoyz / WinDump

Licence: MIT License
A user-mode packet dump software based on Npcap

Programming Languages

C, Roff, C++, Shell, Makefile, Awk

Projects that are alternatives of or similar to WinDump

Jxnet
Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
Stars: ✭ 26 (-10.34%)
Mutual labels:  winpcap, libpcap, npcap
tcpslice
tcpslice concatenates multiple pcap files together, or extracts time slices from one or more pcap files.
Stars: ✭ 48 (+65.52%)
Mutual labels:  libpcap, tcpdump
Tcpdump
the TCPdump network dissector
Stars: ✭ 1,731 (+5868.97%)
Mutual labels:  libpcap, tcpdump
NetStalker
A network tool to control the bandwidth over your local network.
Stars: ✭ 69 (+137.93%)
Mutual labels:  libpcap, npcap
PersonalStuff
This is a repo to upload files done during my research.
Stars: ✭ 94 (+224.14%)
Mutual labels:  tcpdump
Libtins
High-level, multiplatform C++ network packet sniffing and crafting library.
Stars: ✭ 1,609 (+5448.28%)
Mutual labels:  libpcap
Nmap
Nmap - the Network Mapper. Github mirror of official SVN repository.
Stars: ✭ 5,792 (+19872.41%)
Mutual labels:  libpcap
sniffer
🤒 A modern alternative network traffic sniffer.
Stars: ✭ 428 (+1375.86%)
Mutual labels:  tcpdump
WlanHelper
A user-mode WLAN tool to help switch wireless adapter to Monitor Mode on Windows.
Stars: ✭ 20 (-31.03%)
Mutual labels:  npcap
sharppcap
Official repository - Fully managed, cross platform (Windows, Mac, Linux) .NET library for capturing packets
Stars: ✭ 1,054 (+3534.48%)
Mutual labels:  npcap
sniffer
Sniffer is an HTTP packet capture tool, based on golang gopacket (libpcap)
Stars: ✭ 50 (+72.41%)
Mutual labels:  libpcap
mole
Yara powered NIDS with high speed packet capture powered by PF_RING
Stars: ✭ 51 (+75.86%)
Mutual labels:  libpcap
rpcapd-linux
rpcapd utility modified to compile under linux
Stars: ✭ 68 (+134.48%)
Mutual labels:  winpcap
wiresham
Simple TCP service mocking tool for replaying https://www.wireshark.org and http://www.tcpdump.org captured service traffic
Stars: ✭ 44 (+51.72%)
Mutual labels:  tcpdump
network-tools
Network Tools
Stars: ✭ 27 (-6.9%)
Mutual labels:  tcpdump
Freewifi
How to get free wifi.
Stars: ✭ 2,701 (+9213.79%)
Mutual labels:  tcpdump
SnifferUI
Network packet capture and protocol analysis software developed with MFC and the WinPcap library
Stars: ✭ 86 (+196.55%)
Mutual labels:  winpcap
sockdump
Dump unix domain socket traffic with bpf
Stars: ✭ 160 (+451.72%)
Mutual labels:  tcpdump
packiffer
lightweight cross-platform networking toolkit
Stars: ✭ 52 (+79.31%)
Mutual labels:  libpcap
kunnan.github.io
@zhangkn
Stars: ✭ 13 (-55.17%)
Mutual labels:  tcpdump

WinDump for Npcap

User-mode packet dump software based on Npcap. It is a fork of the original WinDump.

Build

  1. Get the latest Npcap SDK.
  2. Build win32\prj\WinDump.sln with Visual Studio 2013 or later.
  3. Note: in this MSVC project, the Npcap SDK path points to J:\npcap\npcap-sdk; you may need to adjust this setting to your own Npcap SDK location.

Releases

https://github.com/hsluoyz/WinDump/releases

Usage

Get the list of interfaces:

J:\github_repos\WinDump\win32\prj\Win32\Release>WinDump.exe -D
1.\Device\NPF_{9ADACD44-ECFF-45E2-BD5E-3491DEBA711F} (NdisWan Adapter)
2.\Device\NPF_{8A300A14-CA5A-4A3C-B52B-7516661B4CDA} (NdisWan Adapter)
3.\Device\NPF_{44DB6B7A-661D-4FA3-925E-6287EA48D3F6} (NdisWan Adapter)
4.\Device\NPF_{F0353155-69D0-4611-AB2A-EE864BE0ADD9} (Microsoft)
5.\Device\NPF_{385F30D0-9166-45D3-BBC6-F1D9C5300AF9} (Microsoft)

Capture on an interface:

J:\github_repos\WinDump\win32\prj\Win32\Release>WinDump.exe -i5
WinDump.exe: listening on \Device\NPF_{385F30D0-9166-45D3-BBC6-F1D9C5300AF9}
23:09:29.711696 IP AkiSn0w-PC.14468 > 125.33.6.205.2123: UDP, length 37
23:09:29.711801 IP AkiSn0w-PC.14468 > 125.33.6.205.2123: UDP, length 1428
23:09:29.711867 IP AkiSn0w-PC.14468 > 125.33.6.205.2123: UDP, length 1428
23:09:29.711893 IP AkiSn0w-PC.14468 > 125.33.6.205.2123: UDP, length 1428
23:09:29.715645 IP AkiSn0w-PC.60784 > AkiSn0w-PC.53:  45922+ PTR? 205.6.33.125.in-addr.arpa. (43)
23:09:29.721960 IP AkiSn0w-PC.61696 > AkiSn0w-PC.53:  2523+ A? dc.services.visualstudio.com. (46)
23:09:29.722197 IP AkiSn0w-PC.53 > AkiSn0w-PC.60784:  45922 NXDomain 0/1/0 (97)
23:09:29.722198 IP 105.92.9.221.adsl-pool.jlccptt.net.cn.46313 > AkiSn0w-PC.14468: UDP, length 48
23:09:29.722198 IP 105.92.9.221.adsl-pool.jlccptt.net.cn.46313 > AkiSn0w-PC.14468: UDP, length 100
23:09:29.722198 IP 105.92.9.221.adsl-pool.jlccptt.net.cn.46313 > AkiSn0w-PC.14468: UDP, length 99
23:09:29.722464 IP AkiSn0w-PC.14468 > 105.92.9.221.adsl-pool.jlccptt.net.cn.46313: UDP, length 322
23:09:29.722546 IP AkiSn0w-PC.14468 > 105.92.9.221.adsl-pool.jlccptt.net.cn.46313: UDP, length 1439
23:09:29.722564 IP

For other advanced usage, please refer to WinDump docs.

How to use Npcap first when Npcap and WinPcap coexist?

Please refer to Npcap docs.
