Pcapy – Python Interface to LibPcap


Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.

Advantages of Pcapy

  • Works with Python threads.
  • Functions in both UNIX with libpcap and Windows with WinPcap.
  • Provides a simpler Object Oriented API.

Requirements

  • A Python interpreter. Versions 2.1.3 and higher.
  • A C++ compiler. GCC G++ 2.95, as well as Microsoft Visual Studio 6.0 or MSVC 2003 depending on the Python version.
  • A Libpcap 0.9.3 or newer. Windows users should have installed WinPcap 4.0 or newer.

Download Pcapy here:

Source code

Latest stable release (0.10.5) – gzip’d tarball or zip file

Win32 binaries – Pick the appropriate Python or WinPcap version.

Latest release (0.10.5) – Windows installer – Python 2.5 and WinPcap 4.0.
0.10.4 – Windows installer – Python 2.4 and WinPcap 3.1.

Or read more here and the documentation is here.

Posted in: Networking Hacking Tools, Secure Coding

, , , , ,


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


6 Responses to Pcapy – Python Interface to LibPcap

  1. Sir Henry December 18, 2007 at 3:25 pm #

    I wonder how this stacks up against scapy or whether it could be utilized in harmony with said module.

  2. Pantagruel December 18, 2007 at 9:56 pm #

    According to the portability list of scapy http://www.secdev.org/projects/scapy/portability.html it does more does more than just linux

    little snippet

    Scapy portability page
    * Linux native installation guide
    * generic Unix installation guide
    * OpenBSD installation guide
    * FreeBSD installation guide
    * Mac OS X 10.4 (Tiger) installation guide
    * Windows installation guide

    etc

    Damn 24 hours in 1 day just isn’t enough for work, family, some sleep and all that play.

  3. Sir Henry December 18, 2007 at 10:20 pm #

    With the python module on which I am working, I was looking to use scapy, but will also take into consideration the use of pcapy to see which is a better value to my project.

  4. mumble December 19, 2007 at 5:09 am #

    Does anyone know if there are python bindings for the libnet injection library? I’m in a bizarre position – having been in networking before, but having to re-enter the business after a long absence, and I need to build a modern version of my old toolbox…

  5. codepupil December 23, 2007 at 8:09 am #

    scapy uses pycap [http://code.google.com/p/pypcap/] for libcap.
    Mumble: libdnet [http://code.google.com/p/libdnet/] may work depending on your needs.

  6. eM3rC January 6, 2008 at 10:26 pm #

    Nice post.

    This could be useful when writing small python programs for network sniffing.