Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

A user-mode packet dump software based on Npcap

License

NotificationsYou must be signed in to change notification settings

hsluoyz/WinDump

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ReleaseLicenseDownloadsTotalDownloads

A user-mode packet dump software based onNpcap. It's a fork of theoriginal WinDump.

Build

  1. Get the latestNpcap SDK.
  2. Buildwin32\prj\WinDump.sln withVisual Studio 2013 or later.
  3. Note: in this MSVC project, the Npcap SDK is pointing toJ:\npcap\npcap-sdk, you may need to adjust this setting to your own Npcap SDK location.

Releases

https://github.com/hsluoyz/WinDump/releases

Usage

Get the list of interfaces:

J:\github_repos\WinDump\win32\prj\Win32\Release>WinDump.exe -D1.\Device\NPF_{9ADACD44-ECFF-45E2-BD5E-3491DEBA711F} (NdisWan Adapter)2.\Device\NPF_{8A300A14-CA5A-4A3C-B52B-7516661B4CDA} (NdisWan Adapter)3.\Device\NPF_{44DB6B7A-661D-4FA3-925E-6287EA48D3F6} (NdisWan Adapter)4.\Device\NPF_{F0353155-69D0-4611-AB2A-EE864BE0ADD9} (Microsoft)5.\Device\NPF_{385F30D0-9166-45D3-BBC6-F1D9C5300AF9} (Microsoft)

Capture on an interface:

J:\github_repos\WinDump\win32\prj\Win32\Release>WinDump.exe -i5WinDump.exe: listening on \Device\NPF_{385F30D0-9166-45D3-BBC6-F1D9C5300AF9}23:09:29.711696 IP AkiSn0w-PC.14468 > 125.33.6.205.2123: UDP, length 3723:09:29.711801 IP AkiSn0w-PC.14468 > 125.33.6.205.2123: UDP, length 142823:09:29.711867 IP AkiSn0w-PC.14468 > 125.33.6.205.2123: UDP, length 142823:09:29.711893 IP AkiSn0w-PC.14468 > 125.33.6.205.2123: UDP, length 142823:09:29.715645 IP AkiSn0w-PC.60784 > AkiSn0w-PC.53:  45922+ PTR? 205.6.33.125.in-addr.arpa. (43)23:09:29.721960 IP AkiSn0w-PC.61696 > AkiSn0w-PC.53:  2523+ A? dc.services.visualstudio.com. (46)23:09:29.722197 IP AkiSn0w-PC.53 > AkiSn0w-PC.60784:  45922 NXDomain 0/1/0 (97)23:09:29.722198 IP 105.92.9.221.adsl-pool.jlccptt.net.cn.46313 > AkiSn0w-PC.14468: UDP, length 4823:09:29.722198 IP 105.92.9.221.adsl-pool.jlccptt.net.cn.46313 > AkiSn0w-PC.14468: UDP, length 10023:09:29.722198 IP 105.92.9.221.adsl-pool.jlccptt.net.cn.46313 > AkiSn0w-PC.14468: UDP, length 9923:09:29.722464 IP AkiSn0w-PC.14468 > 105.92.9.221.adsl-pool.jlccptt.net.cn.46313: UDP, length 32223:09:29.722546 IP AkiSn0w-PC.14468 > 105.92.9.221.adsl-pool.jlccptt.net.cn.46313: UDP, length 143923:09:29.722564 IP

For other advanced usage, please refer toWinDump docs.

How to use Npcap first when Npcap and WinPcap coexist?

Please refer toNpcap docs.

[8]ページ先頭
©2009-2025 Movatter.jp