WinDivert

REQRYPT WINDIVERT TALLOW

WinDivert 1.1: Windows Packet Divert

Windows Packet Divert (WinDivert) is a user-mode packet capture-and-divert package for Windows Vista, Windows 2008, Windows 7, Windows 8 and Windows 10.

WinDivert allows user-mode applications to capture/modify/drop network packets sent to/from the Windows network stack. In summary, WinDivert can:

  • capture network packets
  • filter/drop network packets
  • sniff network packets
  • (re)inject network packets
  • modify network packets

WinDivert can be used to implement user-mode packet filters, packet sniffers, firewalls, NAT, VPNs, tunneling applications, etc.

The main features of WinDivert include:

  • packet interception, sniffing, or dropping modes
  • supports loopback (localhost) traffic
  • full IPv6 support
  • network layer
  • simple yet powerful API
  • high-level filtering language
  • filter priorities
  • silent installation
  • freely available under the terms of the GNU Lesser General Public License (LGPL)

➢ Documentation and Samples

➢ Source Repository

The source code for WinDivert is hosted on GitHub:

Note that the repository version of WinDivert should generally be considered unstable.

➢ Download

The following stable source packages for WinDivert are available:

The following stable binary packages for WinDivert are available. Choose the package that matches your compiler:

NEW (29th July 2015): An experimental release of WinDivert1.2 is now available:

WinDivert1.2 introduces new filter syntax extensions, new helper API functions for checking and evaluating filters, and changes the way checksums are handled. See the WinDivert ChangeLog and WinDivert1.2 documentation for more information.

NOTES:

  1. To use WinDivert please ensure that you use the correct version (i.e. 32-bit WinDivert for 32-bit system, etc.) and that you are running with Administrator privileges. Otherwise WinDivert will fail to load.
  2. As of version 1.0.4, the binary WinDivert drivers are signed by Nemea Mjukvaruutveckling (Nemea Software Development). We thank Nemea for their support. Commercial users of WinDivert should sign the driver with their own certificate if possible.
  3. The WinDivert.dll and sample executables depend on an appropriate version of the Microsoft Visual C++ Redistributable library. For example, the MSVC WinDivert build depends on MSVCR110.dll. This file is not distributed as part of the WinDivert binary package and must be installed separately.

➢ Projects

The following projects use WinDivert:

  • ReQrypt: A HTTP request tunneling tool.
  • TcpCrypt (github): Encrypt (almost) all of your network traffic.
  • BarbaTunnel: Tunnel VPN traffic through HTTP.
  • PyDivert: A WinDivert Python binding.
  • Tallow (github): Transparent Tor for Windows.
  • Clumsy (github): A utility for simulating a broken network for Windows.
  • SnoopSpy (github): A packet capturing/manipulation tool.
  • mitmproxy (dev version): An interactive SSL-capable intercepting HTTP proxy.
Contact basil if you want a link to your WinDivert-related project.

➢ Contact

Send feedback and/or questions to:

Copyright © 2015 basil