Purpose of the Packet Capture Tool

The purpose of the Packet Capture tool is to capture ethernet network packets and store them in a standard Wireshark compatible packet capture ".cap" file for immediate viewing. While not a replacement for a powerful tool like Wireshark, it does give you a quick glimpse into the traffic going through your interfaces without the overhead of a full packet analysis tool.

About the Packet Capture Tool

The Packet Capture tool is a separate compact application launched from within NetScanTools Pro. The captured packets can be reviewed using the built-in hex viewer or you can launch an external advanced tool like Wireshark that can read the capture file and provide better decoding of the packets. It is pretty simple to use. After you launch it, press the Capture button. When you are done capturing data, press the Stop button and the display is filled with a list of packets. You can use the built-in simple decoder or launch a more powerful packet analysis tool. Saving the capture or a specific packet is fully supported and you can reload a capture later for future analysis.

Features

  • Captures all packets and provides basic decoding of TCP, UDP, ICMP, IGMP, and ARP packets. Decodes both IPv4 or IPv6.
  • Real time display of the arriving packet count.
  • Time stamping of packet arrival, display of source/destination IPs, protocol type.
  • Parses and shows port numbers, packet length, TTL, TCP sequence numbers and flags.
  • Input Filter by IP address, port number or packet type (ICMP, TCP, UDP)
  • Post-capture display filtering by text found in display.
  • Post-capture searching of the display list of packets for text strings.
  • Post-capture searching of the actual packet contents for text strings.
  • Save the packet capture file separately for future reference.
  • Extraction and export of a single packet to a separate packet capture file (.cap).
  • Load/import a previous session from a saved Packet Capture capture file.
  • External detailed analysis by Wireshark since the capture file is compatible.

Related Tool Links

Packet Capture Screenshot

Packet Capture Screenshot

Packet Capture Hex Viewer Screenshot

Packet Capture Screenshot

Network Interface Requirements

This application works on Windows 10, 8, 7. Requires GUI, not a command line tool. We use it with standard ethernet 10/100/1000BaseT network interfaces. Your interface must support 'promiscuous' mode. Wireless 802.11 interfaces usually work if they are supported by Windows. Modems and WAN (PPP/SLIP) interfaces are not supported on Windows 10/8.x/7 due to WinPcap limitations. This feature requires the WinPcap packet driver which we install as part of the NetScanTools Pro package. It will also function with the NpCap driver from nmap.org if it is installed in WinPcap compatibility Mode. This Packet Capture Tool supports both IPv4 and IPv6.

A video of the Packet Capture Tool in action!

Try the NetScanTools Pro demo free for 30 days

DEMO Version End User License Agreement (EULA)
How to Uninstall

Download NetScanTools Pro Demo


This tool requires WinPcap or compatible driver for operation.