https://github.com/jweyrich/babysniff
πΆπ»πΏ A network sniffer for Linux and macOS that currently (only) parses ETH, ARP, IP, ICMP, TCP, UDP, DNS - NOT for production!
https://github.com/jweyrich/babysniff
arp c dns dnssec ethernet icmp ip linux macosx network-analysis network-monitoring network-security raw-sockets sniffer tcp udp
Last synced: about 1 year ago
JSON representation
πΆπ»πΏ A network sniffer for Linux and macOS that currently (only) parses ETH, ARP, IP, ICMP, TCP, UDP, DNS - NOT for production!
- Host: GitHub
- URL: https://github.com/jweyrich/babysniff
- Owner: jweyrich
- License: mit
- Created: 2016-07-29T23:19:59.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2024-12-25T20:26:49.000Z (over 1 year ago)
- Last Synced: 2025-04-01T20:41:35.440Z (about 1 year ago)
- Topics: arp, c, dns, dnssec, ethernet, icmp, ip, linux, macosx, network-analysis, network-monitoring, network-security, raw-sockets, sniffer, tcp, udp
- Language: C
- Homepage:
- Size: 220 KB
- Stars: 10
- Watchers: 2
- Forks: 3
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# babysniff
A simple network sniffer for Linux and macOS written from scratch without any libraries.
It's a toy tool that I created to learn more about network protocols. It's rudimentary when compared to tcpdump or wireshark.
## Supported protocols
Layer 2
- ETH
- ARP
Layer 3
- ICMP
- IP
Layer 4
- TCP
- UDP
Layer 7
- DNS (wip on EDNS0)
## How to build
```shell
cmake .
make
```
## How to use
The superuser privilege is necessary because Linux and BSD systems require elevated privileges to enable the promiscuous mode in network interfaces.
```shell
sudo ./babysniff -f -i eth0 -F arp,icmp,tcp,udp
```
## Screenshots
