Skip to content

Added a method to detect WireShark #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Added a method to detect WireShark #4

wants to merge 1 commit into from

Conversation

RampantDespair
Copy link

Hey there,
Not sure if this is within the scope of this project.

Nevertheless the method I made detects whether the underlying driver, which WireShark uses, is running.
I've also taken the liberty to add a method to stop said driver.

Additional information:
When installed, Npcap runs it's driver (npcap) automatically on startup, regardless of WireShark running or not.
When WireShark runs, it locks the driver therefore attempting to stop the driver directly while WireShark is running will not work. The application must be closed beforehand.

Important considerations:
This method isn't a replacement from proper server-sided api security and rate limiting.
That being said, this method could be used to stop the lowest common denominators from sniffing your api calls.

Improvements:
I could add a method to retrieve the application(s) which are using the npcap driver, to then shut them down one-by-one and finally stop the driver.

I guess I'll wait and see to figure out whether this is in or out of scope.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@RampantDespair