This Packet Sniffer used WinPCap libraries. But the most important difference from other projects with WinPCap is that here we have only npf.sys of WinPCap. Author has ported all the function from PacketNtx.dll to C#.
The features of it like ethereal which are
- You can stop a capture session by,
- when a specified time duration has passed
- when specified bytes of data captured
- when a number of specified packets captured
- when stop button pressed
- You can limit the size of the packets to a specified length.You can enable/disable MAC name resolution
- You can enable the live scrolling the captured packets
- You can change the hardware filter
- You can change capture mode
- You can change Adapter Buffer size, Read Buffer size , Timeout value etc.
- You can highlight the protocol data by either clicking the protocol node or the protocol data itself.
- You can see the index of a protocol data and the length of it
- You can save the captured packets int he format that ethereal understands
- You can load a packet file captured by ethereal
- You can partially save the captured packet by selecting them
- You can copy the protocol data to clipboard in the format string and in the hex layout by selecting the start and stop points
- You can sort the captured packets as desired
The code is pure managed, and it supports about 20 protocols which are,
- ETHERNET
- LLC
- STP
- NETBIOS
- CDP
- INTERNET
- TCP
- UDP
- HTTP
- ICMP
- ARP
- LOOPBACK
- NBDS
- NBNS
- NBSS
- SMB MAILSLOT
- SMB - Not finished yet
- DCERPC
- DLSW - Almost finished
- DNS - Not finished yet
- IPX
- TFTP
- EIGRP
Author: Fyrat Kocak
Please register or login to download attachments.