pcap
In the field of computer network administration, pcap is an application programming interface (API) for capturing network traffic. While the name is an abbreviation of packet capture, that is not the API's proper name. Unix-like systems implement pcap in the libpcap library; for Windows, there is a port of libpcap named WinPcap that is no longer supported or developed, and a port named Npcap for Windows 7 and later that is still supported.
| Developer(s) | The Tcpdump team |
|---|---|
| Stable release | 1.10.3
/ January 12, 2023 |
| Repository | libpcap on GitHub |
| Written in | C |
| Operating system | Linux, Solaris, FreeBSD, NetBSD, OpenBSD, macOS, other Unix-like |
| Type | Library for packet capture |
| License | BSD |
| Website | www |
| Developer(s) | Riverbed Technology |
|---|---|
| Final release | 4.1.3
/ March 8, 2013 |
| Operating system | Windows |
| Type | Library for packet capture |
| License | Freeware |
| Website | www |
| Developer(s) | the Nmap project |
|---|---|
| Stable release | 1.71
/ August 19, 2022 |
| Operating system | Windows |
| Type | Library for packet capture |
| License | Proprietary (source available) |
| Website | npcap |
Monitoring software may use libpcap, WinPcap, or Npcap to capture network packets traveling over a computer network and, in newer versions, to transmit packets on a network at the link layer, and to get a list of network interfaces for possible use with libpcap, WinPcap, or Npcap.
The pcap API is written in C, so other languages such as Java, .NET languages, and scripting languages generally use a wrapper; no such wrappers are provided by libpcap or WinPcap itself. C++ programs may link directly to the C API or make use of an object-oriented wrapper.