12 April 2011 | 10,373 views

RawCap – Free Command Line Packet/Network Sniffer For Windows (Raw Sockets)

Check For Vulnerabilities with Acunetix

RawCap is a free command line network sniffer for Windows that uses raw sockets.


  • Can sniff any interface that has got an IP address, including (localhost/loopback)
  • RawCap.exe is just 17 kB
  • No external libraries or DLL’s needed other than .NET Framework 2.0
  • No installation required, just download RawCap.exe and sniff
  • Can sniff most interface types, including WiFi and PPP interfaces
  • Minimal memory and CPU load
  • Reliable and simple to use

Raw sockets limitations in Vista and Win7

Due to current limitations in the raw sockets implementations for Windows Vista and Windows 7 we suggest running RawCap on Windows XP. The main problem with raw socket sniffing in Vista and Win7 is that you might not receive either incoming packets (Win7) or outgoing packets (Vista).

You can download RawCap here:


Or read more here.


Recent in Hacking Tools:
- Mimikatz – Gather Windows Credentials
- Dharma – Generation-based Context-free Grammar Fuzzing Tool
- Passgen – Random Character Generator For WPA/WPA2 Key Cracking

Related Posts:
- SniffPass – Simple Password Sniffer
- NetworkMiner v1.1 Released – Windows Packet Analyzer & Sniffer
- Hping 2 Fixed for Windows XP SP2 (Service Pack 2)

Most Read in Hacking Tools:
  • Top 15 Security/Hacking Tools & Utilities - 1,924,121 views
  • Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,210,767 views
  • wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 650,976 views

  • Low-cost VPS Hosting

    2 Responses to “RawCap – Free Command Line Packet/Network Sniffer For Windows (Raw Sockets)”

    1. Bogwitch 12 April 2011 at 12:54 pm Permalink

      IIRC, there are some limitations concerning raw sockets unse XPSP2/XPSP3 too.

      • Darknet 12 April 2011 at 4:23 pm Permalink

        Some yah, maybe they use the Ethernet Frames workaround though.