PReplay – A pcap Network Traffic Replay Tool for Windows

The New Acunetix V12 Engine


There are not many good tools for replaying traffic, most people use WireShark (formely known as Ethereal) for capturing the traffic, but what happens if you want to take that capture and reply it over the wire?

Someone has this problem so they decided to code their own solution, thankfully for us! There are quite a few tools to do this for *nix based systems but none for Windows, so here we go, a traffic replay tool for the Windows platform!

PReplay is a utility to replay captured data over the network, its main feature is that it will record the time difference between two packets (not very accurately but it works for micro/millisecond difference) it reads the capture file and then determines the time difference for the next packet.

You can give list of capture file which you want to send in the Preplay.ini in the [SendingFileName] section as below:

Semicolon (;) is used for commenting a line you don’t want the program to read, so you can
comment out the file name which you don’t want to send like this:


It will not send 2nd file.

SendingFilePath, here you can specify the directory which contains the captured files.

You can download PReplay here:

preplay.zip

This is version 1.1 which has a few fixes such as the ability to change the MAC and IP address of the gateway and client machine.

Posted in: Hacking Tools, Networking Hacking, Security Software, Windows Hacking

, , , , , ,


Latest Posts:


Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
Yahoo! Fined 35 Million USD For Late Disclosure Of Hack Yahoo! Fined 35 Million USD For Late Disclosure Of Hack
Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 year delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public.
Drupwn - Drupal Enumeration Tool & Security Scanner Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.


6 Responses to PReplay – A pcap Network Traffic Replay Tool for Windows

  1. Tim Abell October 15, 2007 at 10:57 am #

    I downloaded the preplay source from CVS, but it wouldn’t compile for me on Ubuntu (possibly a libnet versioning problem).

    I found tcpreplay is available in the repos so will be trying that instead.
    http://tcpreplay.synfin.net/trac/

  2. secgeek December 11, 2007 at 10:37 am #

    hi tim,
    preplay is for windows only.i thik u have downloaded the wrong source from cvs?as tht was a diffrent project i think.
    you can get the latest one here:-
    http://secgeeks.com/preplay_1_1.html

  3. RaSchi January 31, 2008 at 6:57 pm #

    I just tried the download link you give here and I also tried a search on secgeeks.com but all of the links to the ZIP file I found were broken links (404…). Is there still a version of PReplay available anywhere?

  4. Darknet January 31, 2008 at 8:04 pm #

    I can’t find a link, if anyone has it you can send it to me and I’ll upload it here. Perhaps try e-mailing secgeek too.

    Let me know if you have any luck.

  5. Radhakrishna July 6, 2008 at 10:53 am #

    it is still available….check out this link

    http://www.secgeeks.com/preplay_1_1.html
    http://secgeeks.com/PReplay.zip

    thanks.

  6. Darknet July 7, 2008 at 6:11 am #

    I’ve updated to the post to reflect the new download location, this software is available for download again.