SSNIFF is a versatile network tool written in Python that provides packet capturing and injection capabilities with a user-friendly interface and rich features. It's designed to work seamlessly across Linux (including Kali, ParrotOS, etc.), and macOS.
███████╗███████╗███╗ ██╗██╗███████╗███████╗
██╔════╝██╔════╝████╗ ██║██║██╔════╝██╔════╝
███████╗███████╗██╔██╗ ██║██║█████╗ █████╗
╚════██║╚════██║██║╚██╗██║██║██╔══╝ ██╔══╝
███████║███████║██║ ╚████║██║██║ ██║
╚══════╝╚══════╝╚═╝ ╚═══╝╚═╝╚═╝ ╚═╝
-
Packet Capturing
- Capture packets from any network interface
- Filter by protocol (TCP, UDP, ICMP, IP)
- Limit number of packets to capture
- Rate limiting to control capture speed
- Real-time packet display
- Native support for Linux packet capture interfaces
-
Packet Injection
- Inject custom packets into the network
- Support for TCP, UDP, and ICMP protocols
- Customizable packet data
- Safe testing capabilities
-
Output Options
- Colorized output for better readability
- Summary view for compact display
- Logging to file for later analysis
- Packet numbering and statistics
# Debian/Ubuntu/Kali
sudo apt-get install python3-pip python3-venv libpcap-dev
# Fedora/RHEL
sudo dnf install python3-pip python3-venv libpcap-devel
# Arch/BlackArch
sudo pacman -S python-pip python-virtualenv libpcap# Install Homebrew if not already installed
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
# Install libpcap
brew install libpcap- Clone the repository:
git clone https://github.com/pakagronglb/ssniff.git
cd ssniff- Create and activate a virtual environment:
python3 -m venv venv
source venv/bin/activate # On Unix/macOS
# or
.\venv\Scripts\activate # On Windows- Install dependencies:
pip install -r requirements.txteth0,eth1: Ethernet interfaceswlan0,wlan1: Wireless interfacesenp0s3,enp0s8: Modern naming scheme for network interfaceswlp2s0: Modern naming scheme for wireless interfaces
en0: Usually the built-in Etherneten1: Usually the built-in WiFibridge0: Bridge interfacelo0: Loopback interface
- List available network interfaces:
# Show all interfaces with their status
sudo python3 ssniff.py -l- Capture packets:
# Linux examples (replace with your interface name)
sudo python3 ssniff.py -i eth0 # Ethernet
sudo python3 ssniff.py -i wlan0 # Wireless
# macOS examples
sudo python3 ssniff.py -i en0 # Ethernet
sudo python3 ssniff.py -i en1 # Wireless- Protocol Filtering:
# Capture only TCP packets
sudo python3 ssniff.py -i eth0 -p tcp
# Capture only UDP packets
sudo python3 ssniff.py -i eth0 -p udp
# Capture only ICMP packets
sudo python3 ssniff.py -i eth0 -p icmp- Rate Limiting:
# Limit to 10 packets per second
sudo python3 ssniff.py -i eth0 --rate-limit 10- Output Options:
# Log to file
sudo python3 ssniff.py -i eth0 --log-file packets.log
# Show summary only
sudo python3 ssniff.py -i eth0 --summary
# Disable color output
sudo python3 ssniff.py -i eth0 --no-color- Packet Injection:
# Inject TCP packet
sudo python3 ssniff.py -i eth0 --inject --target-ip 127.0.0.1 --target-port 8080 --inject-data "TEST"
# Inject UDP packet
sudo python3 ssniff.py -i eth0 --inject --target-ip 127.0.0.1 --target-port 8080 --inject-data "TEST" --inject-protocol udp
# Inject ICMP packet
sudo python3 ssniff.py -i eth0 --inject --target-ip 127.0.0.1 --inject-data "TEST" --inject-protocol icmpusage: ssniff.py [-h] (-i INTERFACE | -l) [-c COUNT] [-p {tcp,udp,icmp,ip}]
[--rate-limit RATE_LIMIT] [--summary] [--no-color]
[--log-file LOG_FILE] [--inject] [--target-ip TARGET_IP]
[--target-port TARGET_PORT] [--inject-data INJECT_DATA]
[--inject-protocol {tcp,udp,icmp}]
-i, --interface: Network interface to sniff on-l, --list-interfaces: List available network interfaces-h, --help: Show help message
-c, --count: Number of packets to capture (default: 100, 0 for unlimited)-p, --protocol: Protocol filter (tcp, udp, icmp, ip)--rate-limit: Maximum number of packets to process per second
--summary: Print packet summaries only--no-color: Disable color output--log-file: Log file to save packet information
--inject: Enable packet injection mode--target-ip: Target IP address for packet injection--target-port: Target port for packet injection--inject-data: Data to inject in the packet--inject-protocol: Protocol to use for injection (tcp, udp, icmp)
-
Permission Denied:
- Run with sudo
- Or add your user to the pcap group:
sudo usermod -a -G pcap $USER
-
Interface Not Found:
- Check interface name:
ip link show - Modern Linux systems use predictable interface names (like
enp0s3)
- Check interface name:
-
Capture Issues on Kali/ParrotOS:
- The tool automatically detects security distributions and adjusts settings
- Try different capture methods if issues persist
-
Permission Issues:
- Run with sudo
- Check System Preferences → Security & Privacy for allowed kernel extensions
-
Interface Names:
- Use
ifconfigto list correct interface names - Names might change after system updates
- Use
- Always run packet injection tests in a controlled environment
- Be cautious when capturing packets on production networks
- Use rate limiting to prevent network overload
- Review captured data for sensitive information before sharing logs
- On Linux systems, consider using network namespaces for isolation
Contributions are welcome! Please feel free to submit a Pull Request.
This project is licensed under the MIT License - see the LICENSE file for details.
- Scapy project for the packet manipulation library
- Rich library for the beautiful terminal output