libtins is a high-level, multiplatform packet crafting and sniffing C++ library.
Its main purpose is to provide the C++ developer an easy, efficient, platform and endianess-independent way to create tools which need to send, receive and manipulate specially crafted packets. Please visit the tutorial section in order to check out how the library works. As a short example, this is how to print the source and destination addresses and ports of every TCP packet captured in the eth0 interface:
libtins was designed keeping efficiency in mind at all times. You can visit the benchmark section to check out how well it behaves compared to other libraries which serve the same purpose.
Almost as much time was invested testing the library than developing it. At the moment of writing, there are 576 unit tests, which check that every getter, setter and method does what's expected. All of them run successfully on Windows, OSX and both little and big endian GNU/Linux and FreeBSD operating systems.
News
- June 4th, 2013: libtins v1.1 has been released! This is a minor release. There have been some small bug fixes, and some WPA2 decryption features were added.
-
April 23th, 2013: libtins v1.0 has been released! There have
been some changes in some functions in the API, so some code might
no longer compile(especially code that sent link-layer PDUs).
There won't be any modifications in the existing functions that break
your code in the near future, so don't worry.
- January 31th, 2013: libtins v0.3 has been released! In this version, a lot of effort has been put into adding support for the IPv6 protocol. Moreover, the library now can be used in FreeBSD, OSX and Windows.
- October 20th, 2012: After several weeks of coding and testing, we're proud to anounce the release version 0.2! In this version, we've fixed lots of bugs, added support for big endian architectures, added some new protocols, new features, and refactored several aspects of the library in order to make it simpler to use.
libtins features
- Network packet crafting.
- Packet sniffing from network interfaces and automatic interpretation of sniffed packets.
- Reading and writing PCAP files.
- Works GNU/Linux, FreeBSD, OSX and Windows.
- Works on both big and little endian architectures.
- Following and reassembling TCP streams on the fly.
- Decrypting WEP encrypted 802.11 data frames on the fly and interpreting the decrypted content.
-
Supported protocols:
- IEEE 802.11
- IEEE 802.3
- IEEE 802.1q
- Ethernet II
- ARP
- IP
- IPv6
- ICMP
- ICMPv6
- TCP
- UDP
- DHCP
- DHCPv6
- DNS
- RadioTap
- EAPOL
- PPPoE
- STP
- LLC
- LLC+SNAP
- Linux Crooked Capture
- NULL/Loopback