Pcapy – Python Interface to LibPcap

Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.

Advantages of Pcapy

  • Works with Python threads.
  • Functions in both UNIX with libpcap and Windows with WinPcap.
  • Provides a simpler Object Oriented API.


  • A Python interpreter. Versions 2.1.3 and higher.
  • A C++ compiler. GCC G++ 2.95, as well as Microsoft Visual Studio 6.0 or MSVC 2003 depending on the Python version.
  • A Libpcap 0.9.3 or newer. Windows users should have installed WinPcap 4.0 or newer.

Download Pcapy here:

Source code

Latest stable release (0.10.5) – gzip’d tarball or zip file

Win32 binaries – Pick the appropriate Python or WinPcap version.

Latest release (0.10.5) – Windows installer – Python 2.5 and WinPcap 4.0.
0.10.4 – Windows installer – Python 2.4 and WinPcap 3.1.

Or read more here and the documentation is here.

Posted in: Networking Hacking, Secure Coding

, , , , ,

Latest Posts:

SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.

6 Responses to Pcapy – Python Interface to LibPcap

  1. Sir Henry December 18, 2007 at 3:25 pm #

    I wonder how this stacks up against scapy or whether it could be utilized in harmony with said module.

  2. Pantagruel December 18, 2007 at 9:56 pm #

    According to the portability list of scapy http://www.secdev.org/projects/scapy/portability.html it does more does more than just linux

    little snippet

    Scapy portability page
    * Linux native installation guide
    * generic Unix installation guide
    * OpenBSD installation guide
    * FreeBSD installation guide
    * Mac OS X 10.4 (Tiger) installation guide
    * Windows installation guide


    Damn 24 hours in 1 day just isn’t enough for work, family, some sleep and all that play.

  3. Sir Henry December 18, 2007 at 10:20 pm #

    With the python module on which I am working, I was looking to use scapy, but will also take into consideration the use of pcapy to see which is a better value to my project.

  4. mumble December 19, 2007 at 5:09 am #

    Does anyone know if there are python bindings for the libnet injection library? I’m in a bizarre position – having been in networking before, but having to re-enter the business after a long absence, and I need to build a modern version of my old toolbox…

  5. codepupil December 23, 2007 at 8:09 am #

    scapy uses pycap [http://code.google.com/p/pypcap/] for libcap.
    Mumble: libdnet [http://code.google.com/p/libdnet/] may work depending on your needs.

  6. eM3rC January 6, 2008 at 10:26 pm #

    Nice post.

    This could be useful when writing small python programs for network sniffing.