packet-sniffers

BACKGROUND : I now understand how to write a C# application that can monitor packets going in/out of the network card on the PC the application is running on. The approach I know relies on http://www.winpcap.org/ being already installed on the PC however, and then I use a C# wrapper such as http://pcapdotnet.codeplex.com/ or http://sourceforge.net/projects/sharppcap/ . QUESTION : My question however, what would I need to do to be able to have a C# application that can sniff packets that does NOT require a 3rd party application/drivers to be pre-installed? CLARIFICATION : That is I really want

I need to trace/sniff http traffic from other machines (for example from my android phone or ios device). In the past I used MSSOAPT (described here http://www.devproconnections.com/article/net-framework2/microsoft-soap-trace-tool ) and it was perfect, I need something similar, and now it should have syntax highlighting for json and be able to unzip content :). I would like to tell my android to go to http://my.machine.home/Foo?bar and this proxy should forward this to other server such as http://google.com/Foo?bar and it should print complete trafic. I would prefer if the solution would not

I'm trying to get a better understanding of how SSL works so I installed a self-signed SSL cert on my server for testing. When I post data to an HTTPS url on the test server, Chrome developer tools shows all the data in plain text. Is that what I should expect or should the data appear as encrypted in the developer tools? I tried running a packet sniffer (Cocoa Analyzer Packet) and I don't see any of the data that I'm trying to post in plain text, but some messages do show the domain I'm posting too (only the domain, no query params or other data). Is that normal? I was under the impression

I need to write a packet sniffer in Linux that detects HTTPS packet that are sent and save the url from the request. I found code for this in security-freak and ran it. This code runs and only sniffs the received packet but I need to get the sent packet in the sniffer. How do I get the sent packet in this code? I can't use any library like libcap (forbidden). The code is : sniffer.c You should be using ETH_P_ALL instead of ETH_P_IP as the protocol. ETH_P_IP only listens for incoming IP packets. Why can't you use any library? Homework? It's hard to answer without having examples from your code,

I am trying to sniff an out going http packet using scapy, add a few new http headers in it and send it ahead. The intention here is to only insert new headers while keeping the packet intact. At max any checksum recalculation should be done if needed. Have been through almost all questions on SO but didn't exactly get a solution. Following is what i have done. def parse(pkt): if pkt.haslayer(TCP) and pkt.getlayer(TCP).dport == 80 and pkt.haslayer(Raw): pkt = pkt / "New Header:value\r\n\r\n" # OR i tried this #pkt = pkt.getlayer(Raw).load / Raw.load(load="New Header:value\r\n\r\n") #pkt

I'm current working on a program that scans my network and discoveres computers and devices on the network. I use various operations to find data on the devices I discover, but want to distinguish the network devices from computers. And I'm wondering if anyone knows how I could do this? I looked a bit at SNMP, and tried connecting to my network printer, router and modem. But I seem to only be able to connect to the printer, neither the router or modem responds. Is there another way to identify what kind of a device an IP address belongs to? Using a command line tool such as nmap you can finger

Googling didn't give me great results. Is there any sort of API for Wireshark that abstracts away from the main source code so we can develop programs that interact with it and deal with the data it provides? edit: I appreciate the suggestions for different ways to receive packets, but I want to implement packet injection into Wireshark. Sniffing will be an important part of my project, however I'm not sure that the suggested solution allows for packet injection. I use pypcap to read packets and dpkt to parse. For example, to use dpkt to read packets from a saved pcap: import socket import