Pcapy – Python Interface to LibPcap


Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.

Advantages of Pcapy

  • Works with Python threads.
  • Functions in both UNIX with libpcap and Windows with WinPcap.
  • Provides a simpler Object Oriented API.

Requirements

  • A Python interpreter. Versions 2.1.3 and higher.
  • A C++ compiler. GCC G++ 2.95, as well as Microsoft Visual Studio 6.0 or MSVC 2003 depending on the Python version.
  • A Libpcap 0.9.3 or newer. Windows users should have installed WinPcap 4.0 or newer.

Download Pcapy here:

Source code

Latest stable release (0.10.5) – gzip’d tarball or zip file

Win32 binaries – Pick the appropriate Python or WinPcap version.

Latest release (0.10.5) – Windows installer – Python 2.5 and WinPcap 4.0.
0.10.4 – Windows installer – Python 2.4 and WinPcap 3.1.

Or read more here and the documentation is here.

Posted in: Networking Hacking Tools, Secure Coding

, , , , ,


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


6 Responses to Pcapy – Python Interface to LibPcap

  1. Sir Henry December 18, 2007 at 3:25 pm #

    I wonder how this stacks up against scapy or whether it could be utilized in harmony with said module.

  2. Pantagruel December 18, 2007 at 9:56 pm #

    According to the portability list of scapy http://www.secdev.org/projects/scapy/portability.html it does more does more than just linux

    little snippet

    Scapy portability page
    * Linux native installation guide
    * generic Unix installation guide
    * OpenBSD installation guide
    * FreeBSD installation guide
    * Mac OS X 10.4 (Tiger) installation guide
    * Windows installation guide

    etc

    Damn 24 hours in 1 day just isn’t enough for work, family, some sleep and all that play.

  3. Sir Henry December 18, 2007 at 10:20 pm #

    With the python module on which I am working, I was looking to use scapy, but will also take into consideration the use of pcapy to see which is a better value to my project.

  4. mumble December 19, 2007 at 5:09 am #

    Does anyone know if there are python bindings for the libnet injection library? I’m in a bizarre position – having been in networking before, but having to re-enter the business after a long absence, and I need to build a modern version of my old toolbox…

  5. codepupil December 23, 2007 at 8:09 am #

    scapy uses pycap [http://code.google.com/p/pypcap/] for libcap.
    Mumble: libdnet [http://code.google.com/p/libdnet/] may work depending on your needs.

  6. eM3rC January 6, 2008 at 10:26 pm #

    Nice post.

    This could be useful when writing small python programs for network sniffing.