Questions tagged [pcap]

pcap (packet capture) consists of an application programming interface (API) for capturing network traffic. The pcap file format is a binary format, and is the de facto standard format for network packet capture.

Unix-like systems implement pcap in the libpcap library; Windows uses a port of libpcap known as .

Source: Wikipedia

pcap also refers to the file format originally generated by the libpcap library. This binary format has become a de facto standard format for packet capture, and is now generated by other network analyzer tools, such as Wireshark.

Source: https://www.lesliesikos.com/pcap

1410 questions
0
votes
1 answer

How Microsoft Network Monitor works

Does Microsoft Network Monitor depend on the pcap/winpcap/libpcap library? Or has it built its own library/drivers to capture network packets? I cannot find any information about that subject. I am asking, cos Microsoft Network Monitor does not require…
IQ_little
-1
votes
4 answers

C: 2 different headers define struct udphdr. How to tell GCC to choose one?

I am working with pcap code and the struct udphdr seems to be defined in two includes. How to tell GCC to use a specific one?
dmz73
-1
votes
0 answers

saving packets in the pcap file with python packages

I have a list of packets read with the pyshark package in Python: packets = [] # list of packets read with pyshark. How can I save them in a pcap file? I don't know how I can convert them to binary.
amir.h
-1
votes
1 answer

Construct a pcap record from a csv record using C# .Net libraries

I have a CSV record as shown below. "1","0.000000","2.1.1.2","2.1.1.1","IPv4","1010","Fragmented IP protocol (proto=ICMP 1, off=0, ID=b5d0) [Reassembled in #2]" My requirement is to convert this single record into a pcap record as shown in below pic…
-1
votes
1 answer

Compiling Rust with pcap in Alma Linux

I'm trying to run a rust program that I've been using on Ubuntu on an AlmaLinux distro. It utilizes the pcap crate, which is installed. When I try to compile the application, I'm getting a /user/bin/ld: cannot find -lpcap collect2: error: ld…
PilotGuy
-1
votes
1 answer

How To Extract The Name of the Level 7 HTTP2 Application in Tshark

So by default when you open a pcap in wireshark it looks something like this. But I want to view the name of the websites, so I have to find the host (HTTP) or :authority (HTTP2) header then apply it as a column so that…
-1
votes
1 answer

Wireshark/pcap file format for serial data?

I would like a Python file that uses a serial port to generate Wireshark/pcap compatible "trace" files of the serial data being exchanged. Can someone point me at the format of the pcap file I need to create for such data? For example do I have to…
Paul D Smith
-1
votes
1 answer

How to use scapy to decrypt TLS traffic and print the http headers

I want to decrypt TLS traffic in a pcap file using scapy by providing certificate and private key. But I don't have a clue how to do it without using wireshark or tshark. Could someone give me some suggestions? Thanks in advance.
-1
votes
1 answer

How to check the HTTP response body(such as HTML content) with wireshark?

I input the URL in the address bar in the browser of the virtual machine, and the URL requests an HTML document in my host computer (this HTML document is also written by me). Then the HTML document is successfully displayed in the virtual machine…
user19470144
-1
votes
1 answer

UTF-8 is not the decoder

I'm using a program that reads data from an ubertooth-one device. I put the input data into a pipe file (made with mkfifo), but when I try to read the data I have the following error: Exception in thread Thread-2: Traceback (most recent call last): …
k1k4ss0
-1
votes
1 answer

I want to know how to send packets from pcap file in Linux

In Windows OS, there is a program called "Packet Builder" by ColaSoft. This program has a function to retrieve and retransmit packets captured in Wireshark. I am trying to do the same in Kali Linux. How can I do this?
-1
votes
1 answer

Tcpdump how counting packets in given amount of time

I need to count the packages on an interface after a certain filter. Let's say I want to see how many packages per second I have with Filter Syn. The command below counts these packages, but fail to find an option to see how many requests of this…
borcan22
-1
votes
1 answer

Pandas indexing by column pairs (5-tuple)

I'm trying to set flow id for network 5-tuple, the original dataframe looks like: tup = [['192.168.0.1', '1032', '192.168.0.2', '443'], ['192.168.0.1', '1032', '192.168.0.2', '443'], ['192.168.0.1', '1034', '192.168.0.2', '443'], …
jjdblast
-1
votes
2 answers

Linux Command for getting a dump of hex values bytes from Pcap File

I require a linux command to display a Hexdump of PCAP File. Currently I am using xxd PcapFile.pcap command. With this I am getting a hexdump of pcap file along with other bytes inserted in between and end which do not belong to the pcap file. These…
-1
votes
2 answers

Finding the least busy open wireless network: which language to pick for this weekend project?

I am a web developer (PHP/Javascript) and to increase my skill set, I would like to learn a new language. I have a simple test project in mind for this, so I can learn more about (wireless) networks and Linux, something I'm interested in as well. I…