12 April 2011 | 10,439 views

RawCap – Free Command Line Packet/Network Sniffer For Windows (Raw Sockets)

Don't let your data go over to the Dark Side!

RawCap is a free command line network sniffer for Windows that uses raw sockets.


  • Can sniff any interface that has got an IP address, including (localhost/loopback)
  • RawCap.exe is just 17 kB
  • No external libraries or DLL’s needed other than .NET Framework 2.0
  • No installation required, just download RawCap.exe and sniff
  • Can sniff most interface types, including WiFi and PPP interfaces
  • Minimal memory and CPU load
  • Reliable and simple to use

Raw sockets limitations in Vista and Win7

Due to current limitations in the raw sockets implementations for Windows Vista and Windows 7 we suggest running RawCap on Windows XP. The main problem with raw socket sniffing in Vista and Win7 is that you might not receive either incoming packets (Win7) or outgoing packets (Vista).

You can download RawCap here:


Or read more here.


Recent in Hacking Tools:
- RWMC – Retrieve Windows Credentials With PowerShell
- MITMf – Man-In-The-Middle Attack Framework
- LaZagne – Password Recovery Tool For Windows & Linux

Related Posts:
- SniffPass – Simple Password Sniffer
- NetworkMiner v1.1 Released – Windows Packet Analyzer & Sniffer
- Hping 2 Fixed for Windows XP SP2 (Service Pack 2)

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,954,806 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,334,319 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 666,122 views

Advertise on Darknet

2 Responses to “RawCap – Free Command Line Packet/Network Sniffer For Windows (Raw Sockets)”

  1. Bogwitch 12 April 2011 at 12:54 pm Permalink

    IIRC, there are some limitations concerning raw sockets unse XPSP2/XPSP3 too.

    • Darknet 12 April 2011 at 4:23 pm Permalink

      Some yah, maybe they use the Ethernet Frames workaround though.