AttackSurfaceAnalyzer

Network Monitor

Open gfs opened this issue 5 years ago • 7 comments

Monitor Network Traffic. See https://github.com/chmorgan/sharppcap

On Windows this requires the user to install npcap separately.

gfs, Apr 29 '20 18:04

Potentially look at parsing pcap files instead: https://github.com/ryrychj/PcapngUtils

gfs, Jun 30 '20 19:06

@gfs What do you think about the npcap dependency being loaded into a .NET assembly? The install could do a check of the OS and check if the user is running Windows and do the install on application load.

ghost, Jul 30 '22 12:07

I did look into this before and unfortunately I don’t think it’s feasible to automatically install npcap for the user for two reasons.

Disclaimer: I’m not a lawyer, this isn’t legal advice.

  1. The license does not allow redistribution.

     https://github.com/nmap/npcap/blob/master/LICENSE

  2. Even if downloading the installer from the official location and running it for the user wasn’t considered redistribution, I’m not aware of a silent installer for npcap other than for those who purchase a license for redistribution - as I recall the installer for the publicly available/free npcap has a click wrap license the user must accept.

I think the best we could potentially do while complying with the license is to offer users a link to the download.

gfs, Jul 30 '22 15:07

It looks like sharppcap now supports windivert which is GPL licensed. It might be possible to go this route instead.

https://github.com/basil00/Divert

gfs, Aug 03 '22 03:08

windivert is distributed via GitHub releases of zips that contain the exe. I think it would be relatively easy to implement a mechanism to prompt the user to download windivert if it's not present.

gfs, Aug 03 '22 04:08

@gfs I will have to look into it sometime. I apologize, I work and I've been exploring other projects that I'd like to contribute to.

ghost, Aug 07 '22 10:08

@mtmulch1 no need to apologize. Thanks for your feedback and showing there's interest in this feature. These were mostly intended as notes for myself.

gfs, Aug 08 '22 18:08