SmartSniff is a tiny packet sniffer which tries to capture and display the TCP/IP packets that pass through your chosen network adapter.
The program can work with Microsoft Network Monitor Driver and WinPcap, but can also work with raw sockets if you've nothing else installed.
To get started, open the program, click the green "Play" button on the toolbar and select the network adapter to use.
Any background network packets will be captured and various details displayed: protocol, local and remote addresses/ ports/ hosts, service name, data size, capture time, local and remote MAC address, local and remote IP country, and more.
Send an email, open a browser, visit a website or two and more traffic details should appear.
Once you've finished, click "Stop" to stop capture.
Browse down the list to look for interesting packets, perhaps based on the remote host name. Click on any item and the lower pane shows you its contents in either text or hex form.
If this was a POP3 packet, for instance, you might see user names and passwords travelling over the network in plain text.
Browsing down the list, we noticed an odd host name we didn't recognise, clicked the packet and found text showing it related to our antivirus package.
There are a huge number of display and capture options, including the ability to filter traffic by protocol and port.
You can also export the table as an HTML report, or save the captured packets for analysis somewhere else.
- SmartSniff now automatically loads the new version of WinPCap driver from https://nmap.org/npcap/ if it's installed on your system.
- SmartSniff now tries to load the dll of Network Monitor Driver 3.x (NmApi.dll) according to the installation path specified in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Netmon3. This change should solve the problem with loading the Network Monitor Driver 3.x on some systems.