Скачать ncap для windows 10

Installer available at https://npcap.com/#download

• Fixed a memory leak in Npcap 1.76 only which occurs while capturing traffic
  at high data rates. Fixes #688.

• Fixed an issue in Npcap 1.76 where packets delivered to the driver by NDIS in
  a single indication, having the same timestamp, would be placed in the packet
  queue in reverse order. Fixes #684.

• Fixed an issue with Npcap 1.75 and 1.76 where changing timestamp modes could
  result in all packets being delivered with the same timestamp. Fixes #695.

• Fixed an issue with the Npcap installer that caused it to install duplicate
  certificates in the system’s certificate store, which caused problems for
  some software. The fixed installer will remove the duplicates. Fixes #692.

Installer and symbols available at https://npcap.com/#download

• Our code signing key has been reissued to «Nmap Software LLC» replacing the old «Insecure.Com LLC» subject name.

• Improve performance of the driver by reducing lock contention and consolidating data copy operations. This may help address #663.

• Additional fixes to locking discipline to potentially address a BSoD issue, #679.

Installer available from https://npcap.com/#download

• Fix a critical regression in Npcap 1.74 which caused all captured packets to have the same timestamp. Fixes #668.

Installer available from https://npcap.org/#download

• Updated libpcap to 1.10.4.

• Fixed an issue (#667) that prevented capture handles from receiving packets after a NDIS stack pause operation.

• Fixed an issue that could cause inaccurate timestamps when multiple handles were open and using different timestamp modes. Fixes #666.

• Fixed an issue preventing raw WiFi frame capture since Npcap 1.60.

• Fixed an issue causing «failed to set hardware filter to promiscuous mode» errors with NetAdapterCx-based Windows 11 miniport drivers. Npcap was interpreting the NDIS spec too strictly; we have opened an issue with Microsoft to address the fault in netadaptercx.sys. Fixes #628.

• Addressed several code readability and portability fixes in Packet.dll discovered using clang-tidy via Visual Studio Code Analysis.

Installer, SDK, and symbols available from https://npcap.com/#download

• Fixed an issue causing «failed to set hardware filter to promiscuous mode»
  errors due to a new code path failing to return appropriate error codes. Fix
  by Guy Harris in PR #656.
  Fixes #628.

• Fixed an issue with WlanHelper causing «error 0x7b» since Npcap 1.70.Fix by
  Hauke Neitzel in PR #652.
  Fixes #649.

• Fixed an issue preventing capture handles from reattaching after NDIS stack
  pause operations, resulting in persistent ERROR_DEVICE_REMOVED (1617)
  errors. Fixes #627.

• Restored original behavior of timestamps in the default case,
  PCAP_TSTAMP_HOST_HIPREC_UNSYNCED/TIMESTAMPMODE_SINGLE_SYNCHRONIZATION.
  Since Npcap 0.9994, the timestamp was resynchronized after NDIS stack pause
  operations, which reduced timestamp drift from wall clock time but made it no
  longer monotonic, making packet interval calculations inaccurate. This
  restores the default behavior of WinPcap.

• Fixed an issue that prevented Npcap 1.71 and 1.72 from being completely
  removed on uninstall. A misconfigured npcap driver service had persisted.
  Fixes #657.

• Fixed an issue where applications using Npcap 1.20 or later DLLs with a Npcap
  1.00 driver would crash due to a stack buffer overrun when the driver returned
  too many bytes in response to a request for timestamp modes. Additionally,
  changed NPFInstall.exe to attempt to uninstall the Npcap NetCfg component
  prior to installation, in case an improperly-uninstalled component persists.

• Updated libpcap to 1.10.3.

Installer and debug symbols available at https://npcap.com/

• Fixed an issue where promiscuous mode or other hardware packet filters are ignored after a second
  handle is opened on the same adapter, including handles opened in the process of listing adapters
  with pcap_findalldevs(). Fixes #647.

• Fixed an issue with validation of parameters to PacketGetNetInfoEx(). The NEntries parameter
  was not being checked for values less than or equal to 0. Fixes #625.

Installer, debug symbols, and SDK available from https://npcap.org/#download

• Increase strictness in checking for and restoring adapter parameters modified during capture:
  hardware packet filter and lookahead will only be modified if the original value can be
  determined. This fixes issues with connectivity on certain adapter types (WWAN and some WiFi
  adapters) after a capture is closed.

• Modify NDIS binding parameters so that Npcap will bind both above and below a NIC teaming or
  network bridge IM driver. This may improve capture options in related situations, like #115.

• Updated build configurations to enable DEP and ASLR for npcap.sys, which were missing from the
  original configs inherited from WinPcap. Additionally, enabled Control Flow Guard for Packet.dll
  and all helper EXEs.

• Fix a BSoD issue on Windows 8.1 due to registering a service without a name. Fixes #565.

• Fix an issue with admin-only mode where high-integrity processes (UAC not enforced) could not open
  or list adapters. Fixes #606.

• Restored an undocumented data member of the struct ADAPTER that is not used internally. Directly
  accessing members of the ADAPTER struct from Packet32.h is highly discouraged, since the
  API in Packet32.h is not intended for use apart from libpcap. Closes #609.

• Extensive refactoring of driver code for performance and maintainability.

Installer, debug symbols, and SDK available from https://npcap.org/#download

• Major overhaul of Packet.dll to improve performance of PacketGetAdapterNames(), used by
  pcap_findalldevs(), and PacketOpenAdapter(), used in all libpcap functions that return a
  pcap_t. Reduced calls to GetAdaptersAddresses(), properly caching results for short periods.
  Errors from lower functions are correctly propagated, making diagnosis of failures easier. Fixes
  #168, #61, and #586.

• PacketGetNetType() now always sets the LinkSpeed field to 0. Many adapters did not support the OID
  that was being used to get the link speed, and libpcap (Npcap’s published API) does not pass this
  information through, so there should be no impact on the majority of software. Software that needs
  link speed may use pcap_oid_get_request() or GetAdaptersAddresses() to get the information.

• The undocumented char PacketLibraryVersion[] export has been removed. The PacketGetVersion()
  function is the documented way to get the runtime version of the Packet.dll library.

• Packet injection operations (pcap_inject(), PacketSendPacket(), pcap_sendqueue_transmit(),
  and PacketSendPackets()) now properly pend the related Write IRP until the NBLs have
  been returned by NDIS. This may make packet injection more efficient.

• Packet injection operations are no longer limited to one at a time. Multiple threads can issue
  multiple send operations concurrently on the same capture handle without issue, unless system
  resource limits result in allocation failures. Additionally, WinPcap’s limit of 256 concurrent
  sends on each adapter has been removed. Each Write call is still synchronous, however.

• Loopback packet capture and injection now uses fewer WFP filters and callbacks, avoids duplicate
  packet processing, uses inspection rather than blocking filters, and persists callout driver
  objects while still removing callout filters when captures are not using them. These and other
  improvements increase loopback capture efficiency and reduce interference with other network
  components.

• Npcap is only supported on Windows 7 SP1 and later, and requires KB4474419 to support SHA-2
  signature validation. The installer will now check these specific requirements, rather than
  attempting an installation that will fail anyway.

• Added timeouts to subprocess executions in the installer to prevent a hung installation.

• Fixed a minor issue with Npcap OEM’s silent installer: Npcap 1.55 and later ought to avoid
  reinstalling the same version if the existing installation options match the requested options,
  but /winpcap_mode=no would never match.

• Packet sendqueue operations (pcap_sendqueue_transmit(), PacketSendPackets())
  with time synchronization (sync parameter) have been improved to use timed waits when
  possible, only falling back to busy wait for inter-packet delays of less than 50
  microseconds. Time difference calculations have been revised to avoid integer overflows
  and loss of precision. Fixes #580.

• Packet sendqueue operations now more strictly check timestamp order. If an out-of-order
  timestamp is encountered, the packet will not be transmitted. PacketSendPackets() will
  set the last error value to ERROR_INVALID_TIME. Since packets may be
  reported slightly out-of-timestamp-order on multiprocessor machines due to
  processing delays, only timestamps that are more than 1ms earlier than the
  preceding timestamp will generate the error.

• Npcap is now built with the Win11 SDK and WDK (10.0.22000). We look forward to
  implementing support for the exciting new features of NDIS and WFP.

• Improve capture handle state transitions within the Npcap driver. State mismatches led
  to issues like #584, where the wrong error code was
  reported when the adapter was detached and reattached.

• Fix an issue where raw WiFi capture handles (/dot11_support install option) would not
  reattach after a network disconnect and reconnect. Normal handles got this ability in
  Npcap 1.60, but raw WiFi frame captures (monitor mode) did not take advantage of it.
  Fixes #591.

• Npcap now avoids setting hardware packet filters (OID_GEN_CURRENT_PACKET_FILTER,
  PacketSetHwFilter()) that the miniport does not declare support for. This may improve
  compatibility with WWAN (e.g. 3G and LTE) and VPN connections.

• Npcap now tracks the original lookahead value (OID_GEN_CURRENT_LOOKAHEAD,
  PacketSetMaxLookahead()) before requesting the max value from the miniport, and restores it once
  the capture handle is closed. The practice of setting the lookahead to max value was inherited
  from WinPcap, and may be changed in the future subject to performance testing.

Installer and debug symbols available from https://npcap.org/#download

• Npcap can now tolerate network disconnections or NDIS stack
  modifications that previously resulted in programs like Wireshark
  stopping with the error «PacketReceivePacket error: The device has
  been removed. (1617)». This error may still be returned, but user
  programs can consider it a transient error. If the network is
  reconnected, capture can resume on the same handle. Fixes
  #506.

• Improved validation for IRP parameters, resolving potential BSoD
  crashes that could be triggered by software interacting directly
  with the driver’s device interface. These bugs still affect the last
  releases of WinPcap. Thanks to Ilja Van Sprundel from IOActive for
  reporting them.

• Fix an issue with NX pool compatibility that caused Npcap 1.50 and
  1.55 to fail to run on some Windows 7 systems. Fixes
  #536.

• Fix how the installer handles /option=enforced, which was broken
  in Npcap 1.55. Fixes #556.

• Concurrently released the Npcap SDK Version 1.12, which fixes native
  ARM compilation by including the ARM64 wpcap.lib, among other
  changes. The SDK now has its own change log at
  https://github.com/nmap/npcap/blob/master/SDK_CHANGELOG.md.

• Further driver source code hardening to catch more bugs
  before they manifest in worse ways. This includes adding more SAL
  annotations for code analysis, extra assertions, etc.

• The /prior_driver installer option now selects the Npcap 1.30
  driver, since Microsoft’s cross-certificate expired 30 minutes
  before we signed Version 1.31. See
  #536.

• Simplified the code base by removing a bunch of unused or
  unneccessary code. This includes «kernel dump mode» (MODE_DUMP)
  which was inherited from WinPcap 3.1 even though it had already been
  deactivated there in 2005. Also removed legacy WinPcap code which allowed
  their (long discontinued) «Pro» version DLL to install the driver
  itself. This is not allowed by modern operating systems. We were
  able to remove a bunch of code from NPFInstall.exe too. Updated the
  INF file to prevent npf_wifi service from being configured, since it
  was never actually used.

• Fix an issue causing pcap_setmode()/PacketSetMode() with a value
  of MODE_CAPT to fail. MODE_CAPT is the default for new handles,
  so this only affects software that uses MODE_STAT and then
  switches to MODE_CAPT, or software that expects a call to
  pcap_setmode(MODE_CAPT) on a handle already in MODE_CAPT to
  succeed. Fixes #558.

• When installing Npcap in WinPcap API-Compatible mode (the default),
  the Npcap installer will perform the uninstallation of WinPcap
  directly instead of running the WinPcap uninstaller. This prevents
  the WinPcap uninstaller from rebooting the system and allows us to
  clean up partial or broken installations.

• Further deprecate the «Legacy loopback support» option: The
  npcapwatchdog scheduled task will not check for the existence of the
  Npcap Loopback Adapter.

• Added the PnpLockDown directive to the npcap.sys INF file for
  additional Windows file protection of the driver binary.

• Replaced a feature of NPFInstall.exe and the SimpleSC.dll NSIS
  plugin with Powershell commands to improve installer size and
  compatibility. May fix #226.

• While you won’t see it in the code itself, we dramatically improved
  our automated build and testing proceses. We now run automated
  native-arch builds and testing of multiple programs (particularly
  the SDK Examples) on all 3 architectures (x86, x64, and ARM). All
  tests are run with the debug build of the driver (assertions on) and
  Driver Verifier with at least standard settings, and only when that
  passes is the release build run through the same tests, also with
  Driver Verifier. The tests are also run in x86 emulation on x64 and
  ARM.

Installer and debug symbols available from https://npcap.org/#download . Npcap SDK 1.11 was released concurrently, with only minor changes to const-ness of some function parameters in Packet32.h and additional documentation on installer options.

• Npcap installer can now recognize NetCfg status codes indicating that a
  reboot is required (0x0004a020, NETCFG_S_REBOOT), and will prompt the user
  to reboot. In silent mode, the installer will return code 3010 (0x0bc2,
  ERROR_SUCCESS_REBOOT_REQUIRED) to indicate this result. Fixes #224.

• Npcap installer’s silent mode now offers better control over when to remove
  and reinstall an existing Npcap installation. Documentation has been updated
  for the new installation options /require_version, /require_features, and
  /force and will be published with the new Npcap SDK 1.11. Fixes #523.

• Fixed an installation failure (0xe0000247) on Windows 8.1/Server 2012 R2 and
  earlier systems which have not updated root certificates. The root certificates
  are now installed to the Roots trust store. Fixes #233.

• Fixed an issue since Npcap 1.30 where broadcast and subnet masks for adapters
  returned by pcap_findalldevs() were in host byte order, displaying values
  like «0.240.255.255». Fixes #525.

• Libpcap 1.10.1 has been updated to include some recent changes to the libpcap-1.10
  release branch which extend support to adapters with the NdisMediumIP media type,
  including Wireguard Wintun virtual adapters. Fixes #173.

• Added specific bad-value checks for issues originating in other drivers which
  may be incorrectly attributed to Npcap. These checks, in combination with
  additional const qualifiers, should serve as assurance that Npcap is not
  modifying traffic during capture and cannot be responsible for such crashes.

• Powershell commands launched by the installer are now run with the
  -NoProfile option. Fixes #529.

• Npcap SDK minor change to add const qualifiers to parameters to several Packet.dll functions.

• Npcap installer now uses Unicode internally. This may result in mixed-encoding install.log files.