Pcapy – Python Interface to LibPcap


Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.

Advantages of Pcapy

  • Works with Python threads.
  • Functions in both UNIX with libpcap and Windows with WinPcap.
  • Provides a simpler Object Oriented API.

Requirements

  • A Python interpreter. Versions 2.1.3 and higher.
  • A C++ compiler. GCC G++ 2.95, as well as Microsoft Visual Studio 6.0 or MSVC 2003 depending on the Python version.
  • A Libpcap 0.9.3 or newer. Windows users should have installed WinPcap 4.0 or newer.

Download Pcapy here:

Source code

Latest stable release (0.10.5) – gzip’d tarball or zip file

Win32 binaries – Pick the appropriate Python or WinPcap version.

Latest release (0.10.5) – Windows installer – Python 2.5 and WinPcap 4.0.
0.10.4 – Windows installer – Python 2.4 and WinPcap 3.1.

Or read more here and the documentation is here.

Posted in: Networking Hacking Tools, Secure Coding

, , , , ,


Latest Posts:


OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.


6 Responses to Pcapy – Python Interface to LibPcap

  1. Sir Henry December 18, 2007 at 3:25 pm #

    I wonder how this stacks up against scapy or whether it could be utilized in harmony with said module.

  2. Pantagruel December 18, 2007 at 9:56 pm #

    According to the portability list of scapy http://www.secdev.org/projects/scapy/portability.html it does more does more than just linux

    little snippet

    Scapy portability page
    * Linux native installation guide
    * generic Unix installation guide
    * OpenBSD installation guide
    * FreeBSD installation guide
    * Mac OS X 10.4 (Tiger) installation guide
    * Windows installation guide

    etc

    Damn 24 hours in 1 day just isn’t enough for work, family, some sleep and all that play.

  3. Sir Henry December 18, 2007 at 10:20 pm #

    With the python module on which I am working, I was looking to use scapy, but will also take into consideration the use of pcapy to see which is a better value to my project.

  4. mumble December 19, 2007 at 5:09 am #

    Does anyone know if there are python bindings for the libnet injection library? I’m in a bizarre position – having been in networking before, but having to re-enter the business after a long absence, and I need to build a modern version of my old toolbox…

  5. codepupil December 23, 2007 at 8:09 am #

    scapy uses pycap [http://code.google.com/p/pypcap/] for libcap.
    Mumble: libdnet [http://code.google.com/p/libdnet/] may work depending on your needs.

  6. eM3rC January 6, 2008 at 10:26 pm #

    Nice post.

    This could be useful when writing small python programs for network sniffing.