The crappy network capture
https://github.com/vikingfacer/cappy/tree/main

In this post I would like to introduce a project, Cappy. Cappy is a command-line tool like tshark or tcpdump, but written in Zig. At the moment Cappy is a worse version of tshark or tcpdump, but with ambitions of adding offensive measures. Cappy exists as an opportunity to try writing a tool. It is also a way to learn more about programming in Zig. Additionally, it helps in understanding networking.
Project Link: https://github.com/vikingfacer/cappy
Zig Evangelizing
I picked Zig as the language for this project because I like it. I like it because of the amount of control, the compile-time shenanigans, and the philosophy of it.
- Control: In Zig, allocating memory is not automatic or done with a keyword. You must select an allocator, make the function calls, and handle the errors.
- Compile-time shenanigans: Zig supports compile-time reflection, so a lot of functionality can be done at compile time.
- The philosophy: Zig seems to enable developers to make choices instead of dictating terms.
How does Cappy work
Cappy is a command line application. The user gives Cappy arguments with -flags.
What Cappy Does
When given
- -l or --list
  - Lists the devices available for capture
- -d or --device
  - Opens the given device
- -o or --open
  - Opens a file; only takes pcap
- -p or --program
  - Opens a program given as a shared library and function
Otherwise Cappy treats all arguments as a filter.
Components of Cappy
- CLI arguments
- Packet capture
- TCPDump & C binding
- Printing
- Programs
In the posts following this one, we will explore each of these components.