IP Sniffer is a suite of IP Tools built around a packet sniffer.

The packet sniffer can work on all Windows versions using either the new raw socket implementation of Windows2000 (driverless) or WinPcap (needs to be installed) or a NDIS protocol (needs to be installed , no reboot).

The sniffer has basic features like filter, decode, replay, parse…

What's New in version 1.97:

• added: savetodb/loadfromdb function in bookmark window (tested with mssql oledb, mysql odbc, excel odbc (dont forget the []))
• added: database objects browser
• fixed: bugs in rrdtools gui
• fixed: support of double values in perfmon
• added: can graph an oid value in snmpget
• added: block url's based on keywords in http proxy (todo : filter meta keywords)
• added: can filter while loading a capture file
• fixed: filter for ndis5pkt engine
• fixed: capture_mode=raw by default
• added: toolbarview & stayontop stored in config.ini
• added: debug option in config.ini (hookwindows, hookGetProcAddress, hookmem)
• modified: update to latest madexcept version 3.0h
• added: arp watch
• added: stp decoder
• added: dot1stpporttable & stp datas
• added: delete arp entry in snmp arp table
• added: flood option in arp spoof
• todo: mitm (handle router & victim redirection) , ipconflict (reply with ipsrc=victim & macsrc=other) attacks
• added: WTSWaitSystemEvent / WTSShutdownSystem / WinStationServerPing / WTSQueryUserToken (must run as localsystem)
• modified : raw_sniffer is created only on start action
• fixed: print spooler is stopped/started including dependencies
• added: geo locating using api.hostip.info and googlemaps
• todo: check TcpTimedWaitDelay
• added: rpcap support main window