Windows Packet Divert (WinDivert) is a user-mode packet capture-and-divert package for Windows Vista, Windows 2008, Windows 7, Windows 8 and Windows 10.
WinDivert allows user-mode applications to capture/modify/drop network packets sent to/from the Windows network stack. In summary, WinDivert can:
– capture network packets
– filter/drop network packets
– sniff network packets
– (re)inject network packets
– modify network packets
WinDivert can be used to implement user-mode packet filters, packet sniffers, firewalls, NAT, VPNs, tunneling applications, etc.
The main features of WinDivert include:
+ packet interception, sniffing, or dropping modes
+ supports loopback (localhost) traffic
+ full IPv6 support
+ operates at the network layer
+ simple yet powerful API
+ high-level filtering language
+ filter priorities
+ silent installation
+ freely available under the terms of the GNU Lesser General Public License (LGPL)
Changelog WinDivert v1.3.0 24/9/2017:
– Fix BSOD that sometimes occurs after abnormal user application exit.
– Fix BSOD that sometimes occurs when WinDivert is combined with other callout drivers.
– WinDivertSend() has been optimized. However, it may not detect as many packet injection errors as it could before.
Usage and Building:
git clone https://github.com/basil00/Divert && cd Divert
+ In a WinDDK build environment, run the command:
+ [OPTIONAL Visual Studio 2012 support] In a VS2012 command prompt, run the command:
+ [OPTIONAL MinGW support] In Linux with a MinGW cross-compiler, run the command: