Reputation: 2172
Is it possible to doa layer 2 Packet Capture in Powershell
Is it possible to capture Layer 2 traffic using powershell? I've seen methods that use sockets, but they only seem to capture traffic on Layer 3 and higher. I want to look at Ethernet frames; but I'm not sure if it can be done in powershell. Is it possible to do this without installing any extra software/drivers on a system (maybe using a dll or something)?
Upvotes: 1
Views: 1315
Answers (1)
Reputation: 127563
If you just need portable without being silent you could use the portable Wireshark to "temporarily install" the needed drivers then use Wireshark's command line switches to script it with powershell.
One other option is if WinPcap is already installed (you could script the install and uninstall in your powershell file) you could use a wrapper library like Pcap.Net which would allow you to communicate directly to the driver via your script without going through Wireshark.
Upvotes: 1
Related Questions
- how to capture 802.11 packets in Windows 10 using Wireshark?
- extracting packet from frame winpcap
- How to add a fake ethernet header to a capture
- Powershell - Capture socket and process
- There are no interfaces on which a capture can be done.[wireshark]
- WireShark lightweight capture, can it be done?
- Can WinPcap be used to capture network traffic per process?
- Getting *NIC info from remote machines on network?
- In Microsoft Network Monitor, how can I capture a single payload?
- Capturing packets on Windows 7