faezehghiasi/Raw-Packet-Capture-Program

Packet Sniffer (Raw Packet Capture)

A lightweight C-based packet sniffer that captures Ethernet, IP, TCP, and UDP packets and saves them to a .pcap file for analysis in Wireshark.

🚀 Features

✔ Captures raw network packets
✔ Extracts MAC, IP, TCP, and UDP headers
✔ Saves packets to a .pcap file
✔ Lightweight and fast

🛠 Installation

Install libpcap before compiling:

Ubuntu/Debian:

sudo apt install libpcap-dev -y

Fedora:

sudo dnf install libpcap-devel -y

Arch Linux:

sudo pacman -S libpcap

🔨 Usage

1️⃣ Compile the program

make

2️⃣ Run the sniffer

sudo make run

3️⃣ View packets in Wireshark

wireshark captured.pcap

⚙ Makefile Commands

Command      Description
make         Compile the program
make run     Run the program (requires sudo)
make clean   Remove compiled files & logs

📌 Example Output

[+] Capturing packets...

Packet Type: Incoming
Source MAC: AA:BB:CC:DD:EE:FF
Destination MAC: 11:22:33:44:55:66
Protocol: IP
Source IP: 192.168.1.10
Destination IP: 8.8.8.8
Protocol: UDP
Source Port: 53
Destination Port: 443

About

The program uses raw sockets in the PF_PACKET domain with SOCK_RAW type to capture Ethernet frames passing through the network interface. It decodes and prints essential information about the captured packets.
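The decoding step described above handles untrusted bytes, so every header offset should be checked against the captured length before it is read. The following is an added example, not code from this repository: struct flow, decode_frame and the sample frame are hypothetical names and constructed data, and the function works on any byte buffer (such as one filled by recv() on the raw socket), so it runs without root.

```c
#include <stdint.h>
#include <stdio.h>

/* Fields pulled from one Ethernet II frame (hypothetical struct, not the project's). */
struct flow {
    uint8_t  proto;               /* IPv4 protocol number: 6 = TCP, 17 = UDP */
    uint32_t src_ip, dst_ip;      /* host byte order */
    uint16_t src_port, dst_port;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) { return ((uint32_t)be16(p) << 16) | be16(p + 2); }

/* Returns 0 on success, -1 if the frame is truncated, malformed, or not
 * IPv4 carrying TCP/UDP. Each offset is checked against len before it is
 * read, because the header length field comes straight off the wire. */
int decode_frame(const uint8_t *buf, size_t len, struct flow *out)
{
    if (len < 14 + 20) return -1;                  /* Ethernet + minimal IPv4 header */
    if (be16(buf + 12) != 0x0800) return -1;       /* EtherType must be IPv4 */
    const uint8_t *ip = buf + 14;
    if ((ip[0] >> 4) != 4) return -1;              /* IP version */
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4;       /* IPv4 header length in bytes */
    if (ihl < 20 || len < 14 + ihl + 4) return -1; /* bogus IHL or ports missing */
    if (ip[9] != 6 && ip[9] != 17) return -1;      /* only TCP and UDP carry ports here */
    out->proto    = ip[9];
    out->src_ip   = be32(ip + 12);
    out->dst_ip   = be32(ip + 16);
    out->src_port = be16(ip + ihl);                /* same offsets for TCP and UDP */
    out->dst_port = be16(ip + ihl + 2);
    return 0;
}

/* Constructed sample frame: UDP 192.168.1.10:40000 -> 8.8.8.8:53, checksums zeroed. */
static const uint8_t sample[] = {
    0x11,0x22,0x33,0x44,0x55,0x66, 0xAA,0xBB,0xCC,0xDD,0xEE,0xFF, 0x08,0x00,
    0x45,0x00,0x00,0x1C, 0x00,0x00,0x00,0x00, 0x40,0x11,0x00,0x00,
    192,168,1,10, 8,8,8,8,
    0x9C,0x40, 0x00,0x35, 0x00,0x08, 0x00,0x00
};

int main(void)
{
    struct flow f;
    if (decode_frame(sample, sizeof sample, &f) == 0)
        printf("proto=%u sport=%u dport=%u\n", f.proto, f.src_port, f.dst_port);
    return 0;
}
```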
