Jan 272019

Quoting the original web site (here) :

Windows Packet Divert (WinDivert) is a user-mode packet capture-and-divert package for Windows 2008, Windows 7, Windows 8, Windows 10 and Windows 2016.

WinDivert allows user-mode applications to capture/modify/drop network packets sent to/from the Windows network stack. In summary, WinDivert can:

capture network packets
filter/drop network packets
sniff network packets
(re)inject network packets
modify network packets
WinDivert can be used to implement user-mode packet filters, packet sniffers, firewalls, NAT, VPNs, tunneling applications, etc.

The main features of WinDivert include:

packet interception, sniffing, or dropping modes
supports loopback (localhost) traffic
full IPv6 support
network layer
simple yet powerful API
high-level filtering language
filter priorities
silent installation
freely available under the terms of the GNU Lesser General Public License (LGPL)

Similar to the raw socket sniffer (here), i have shared a demo (in freepascal) here.

Because windivert is a kernel driver, issues inherent to the windows raw sockets will not apply here.

Poster un Commentaire

4 Fils de commentaires
0 Réponses de fil
0 Abonnés
Commentaire avec le plus de réactions
Le plus populaire des commentaires
0 Auteurs du commentaire
Auteurs de commentaires récents

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur comment les données de vos commentaires sont utilisées.

plus récent plus ancien
Notifier de

[…] a previous article, I did comment on a nice opensource library (Windivert) and shared a basic freepascal demo to use […]


[…] playing with Windivert (see original article here), I this time decided to code a transparent […]


[…] playing with Windivert (see original article here), this time we will intercept dns traffic and will modify the IP address in DNS replies containing […]


[…] that you can use netdump or intercept-dns from previous articles (dont forget to do a set layer=forward on the command line […]