A Modern Python wrapper for WinPcap

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for orweis from gravatar.com orweis

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v2 or later (GPLv2+) (GPLv2)
  • Author: Or Weis
  • Tags winpcapy
Classifiers
Report project as malware

Project description

A Modern Python wrapper for WinPcap
Access WinPcap through ctypes.

Based on Massimo Ciani’s WinPcapy (https://code.google.com/p/winpcapy/)

Install

pip install winpcapy

Usage

Quick packet live log printer

>>> from winpcapy import WinPcapUtils
# run on the first Ethernert interface and print a log for each packet
>>> WinPcapUtils.capture_on_and_print("*Ethernet*")
16:05:49,624258 len:199
16:05:49,685950 len:60
16:05:49,686022 len:54
16:05:49,767311 len:66
16:05:49,819156 len:66
16:05:50,052113 len:92
16:05:50,128862 len:60

Easy Packet live callback

from winpcapy import WinPcapUtils

# Example Callback function to parse IP packets
def packet_callback(win_pcap, param, header, pkt_data):
    # Assuming IP (for real parsing use modules like dpkt)
    ip_frame = pkt_data[14:]
    # Parse ips
    src_ip = ".".join([str(ord(b)) for b in ip_frame[0xc:0x10]])
    dst_ip = ".".join([str(ord(b)) for b in ip_frame[0x10:0x14]])
    print("%s -> %s" % (src_ip, dst_ip))

WinPcapUtils.capture_on("*Ethernet*", packet_callback)

Device/Interface enumeration

>>> from winpcapy import WinPcapDevices
# Return a list of all the devices detected on the machine
>>> WinPcapDevices.list_devices()
{'\\Device\\NPF_{0A78B7C8-F023-1337-1337-84D448AA5126}': 'Microsoft',
 '\\Device\\NPF_{2997B9BB-AA53-1337-1337-B862F874271C}': 'Microsoft',
 '\\Device\\NPF_{C2EAA982-F851-1337-1337-B8D2A9BCE406}': 'Intel(R) Ethernet Connection I218-LM',
 '\\Device\\NPF_{EAF47DBE-5B49-1337-1337-BD059E02666B}': 'Microsoft'}

 # Itearte over devices (in memory), with full details access
>>> with WinPcapDevices() as devices:
...     for device in devices:
...         print device.name, device.description, device.flags ,device.addresses.contents.netmask.contents.sa_family
...
"\Device\NPF_{0A78B7C8-F023-1337-1337-84D448AA5126} Microsoft 0 0"
"\Device\NPF_{C2EAA982-F851-1337-1337-B8D2A9BCE406} Intel(R) Ethernet Connection I218-LM 0 0"
"\Device\NPF_{EAF47DBE-5B49-1337-1337-BD059E02666B} Microsoft 0 0"
"\Device\NPF_{2997B9BB-AA53-1337-1337-B862F874271C} Microsoft 0 0"

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for orweis from gravatar.com orweis

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License v2 or later (GPLv2+) (GPLv2)
  • Author: Or Weis
  • Tags winpcapy
Classifiers

Release history Release notifications | RSS feed

1.0.3

1.0.2

This version

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

winpcapy-1.0.1.tar.gz (18.6 kB view details)

Uploaded Source

File details

Details for the file winpcapy-1.0.1.tar.gz.

File metadata

  • Download URL: winpcapy-1.0.1.tar.gz
  • Upload date:
  • Size: 18.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for winpcapy-1.0.1.tar.gz
Algorithm Hash digest
SHA256 096d6034aef78c14b3d03786414794876ca8baa8ca94125ce085b25eb7fcd753
MD5 e230973e2745be84c0657a5ee21ea46a
BLAKE2b-256 c3871b0e79e68be209fa36fbdc25e9dd3835d893932a7228f8844adddb88e594

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page