Like

WiFi Sniffer (C#)

Published  Jan 15, 2013
Updated  Jan 16, 2013
627  3

Description

First off, you can laugh at the sensor'd addresses. Just did so for security reasons, however minimal they may be.

WiFi Sniffer does as it's name suggests, and sniffs for incoming/outgoing connections through the local environment. Active connections are then queried for information regarding the where information is being sent to. In addition to querying for information about a specific active connection, it also captures a total bytes sent/received through the collection of addresses as a whole. Double clicking an entry in the Data Grid will make an attempt to resolve the address via DNS to fetch a host name.

The GitHub files include the VS 2012 project files, and an executable which runs as-is. Please note, that the project REQUIRES .NET Framework version 4.5+.

UPDATES:
1/15/2013 - Added live Network Activity graphs to give a visual representation of data being sent/received through the IP collection.

1/16/2013 - Added Process names and IDs. Now requires both admin privileges, and iphlpapi.dll in order to catch process information.

Screenshots

Comments

Sign in to comment.
jchero.sojo   -  May 17, 2013
Hi @SunnyD
Your project looks very interesting, but I tried to access the URL that hits up but no longer available,
Is there any possibility to access the project code?

Best regards, from Piura - Peru.
  11 Responses  
SunnyD  -  May 17, 2013
@jchero.sojo Thank you very much for pointing that out. It seems GitHub had my account on "standby" since I had not logged in for awhile. You can now access the repository.

I am hoping to revamp the code this summer to make it run as efficiently as possible, and I may throw in some new stuff as well. I need to look into a packet capture module for C# so I can hopefully report statistics on individual connections rather than all of them at once.
jchero.sojo  -  May 17, 2013
@SunnyD
Apparently you still have the account in "standby" because even I can not find your project.
I'm very interested because I'm working on a similar project but for LANs.
I hope to see your work.
Greetings and thanks for answering.
SunnyD  -  May 17, 2013
https://github.com/Powerbolt/WiFiSniffer/archive/master.zip

Try that then. I'm not sure what the deal is, it pulls up just fine on my end. Perhaps you need a GitHub account to view and download archives.
jchero.sojo  -  May 17, 2013
It's weird because I can download other projects but with the URL of his page remains blank or 404 fails :-(
I am registered on GitHub, very rare.
SunnyD  -  May 17, 2013
Hmm, that's odd. I'd be happy to email the .zip to you then from my registered address here at Hawkee.
jchero.sojo  -  May 17, 2013
Ok. Thank you very much.
SunnyD  -  May 17, 2013
I tried to send the email, but I received a sending error from Yahoo's Daemon. I went ahead and cleaned up the code, added a fair amount of documentation, finished up some previous works in progress, and committed it as an update to the repository on GitHub. If the first email didn't take I can send over the latest version which shouldn't be such an eye sore to read.
jchero.sojo  -  May 18, 2013
Not received your email, I would appreciate if you try to send the file again with the latest modifications.
Greetings.
SunnyD  -  May 18, 2013
Hm, the email doesn't seem to want to send. I keep getting email sending errors to your email address.
jchero.sojo  -  29 days ago
Thank you very much @SunnyD!!!
SunnyD  -  29 days ago
Very welcome. I hope it helps!
Sign in to comment

SunnyD   -  Jan 16, 2013
1
Updated the UI a bit and added some graphs to visualize the traffic usage per interval. The graphs are tied into the refresh timer so changing the refresh interval will allow traffic to pile up easier making for a more radical graph.
  1 Response  
Hawkee  -  Jan 16, 2013
Looks nice.
Sign in to comment

Hawkee   -  Jan 15, 2013
How would you differentiate this from apps like Wireshark and Packet Peeper?
  6 Responses  
SunnyD  -  Jan 15, 2013
Wireshark, and Packet Peeper are packet sniffers which analyze the individual packet passing through an interface, instead of the connection as a whole. Packet grabbing is something a tad lower level than C# can accomplish independently, I believe. What I'd like to do is rework the DNS aspect, and add process image names to associate connections with processes running locally to get a better idea of what's going on. That said I don't like the idea of capturing image names through CMD's "netstat" batch command; it's entirely too slow to be efficient.
Hawkee  -  Jan 15, 2013
So this captures higher level requests such as http or ftp requests?
SunnyD  -  Jan 15, 2013
Yes, HTTP, FTP, etc... All "TCP" protocol connections.
Hawkee  -  Jan 15, 2013
Very good. Unfortunately I'm running OS X so I cannot easily test it.
gooshie  -  Jan 15, 2013
WHAT HAPPENED TO THE SITE!? I can not find where I should comment to hawkee through his profile. I can not find where mine or hawkee's images are listed. I see a link for projects and dont even know what that is for. I see no way to upload 'scripts' (I'm guessing projects is a more inclusive way to add scripts and like C++ code, etc.). I see where to add images but not where they are listed. Also the "Select Image" button does not function in IE8 but does in FF18. Found the list of images under statistics but still can not figure how a visitor would find my images.
Hawkee  -  Jan 15, 2013
@gooshie Welcome back! A lot has changed since you last visited. To direct a message to me you can type @Hawkee into the New Thread box on the homepage. I may add a link to do this from the profile pages.

Currently you can post Apps/Projects (Scripts) by hovering over Explore above and clicking over to the respective section. I'm going to add a form to the homepage for posting Apps/Projects in the near future. This is one of the more urgent changes that needs to take place.

Images have never been a popular feature on this site, so they've become somewhat downplayed. You can still find somebody's images by adding "images/" to their profile URL, but I'm still trying to decide what to do with that page. You can still see everybody's images by clicking "Images" under Explore above.

Thank you for letting me know about the IE8 bug. I'll have to look into that. Only about 2.5% of our visitors are using IE8, so it's not a huge problem at least.
Sign in to comment

Are you sure you want to unfollow this person?
Are you sure you want to delete this?
Click "Unsubscribe" to stop receiving notices pertaining to this post.
Click "Subscribe" to resume notices pertaining to this post.