Question 1

How do I stream WiFi packets live to Wireshark with ArduinoPcap?

Accepted Answer

Use the SerialShark.py script from the extras folder to connect the serial output to Wireshark, but ensure you have Python, pyserial, and a non-Windows OS, as specified in the dependencies. Set the correct baudrate (e.g., 921600 for ESP32) in both the sketch and script.

Question 2

ArduinoPcap: ESP32 or ESP8266 for better packet capture?

Accepted Answer

ESP32 is more reliable as the README notes its promiscuous mode works better, with fewer malformed packets, while ESP8266 often returns cut-off data. Choose ESP32 for accuracy, but ESP8266 suffices for basic tasks like SSID scanning.

Question 3

Why are packets from ESP8266 often malformed in ArduinoPcap?

Accepted Answer

The README explains that the ESP8266's promiscuous mode returns mostly false data, possibly due to hardware or driver limitations, making packets incomplete. This is a known issue, and the library is optimized for ESP32 instead.

Question 4

Can ArduinoPcap work on Windows for real-time analysis?

Accepted Answer

No, the Serialshark script for live Wireshark streaming doesn't work on Windows, as stated in the dependencies. Windows users can only use SD card logging or find alternative methods for live capture.

Question 5

How do I save captured packets to an SD card using ArduinoPcap?

Accepted Answer

Wire an SD card module via SPI to your ESP board, adjust settings like FILENAME and SAVE_INTERVAL in the sketch, and use the provided examples. The README recommends using the SdFat library for non-ESP32 boards.

Question 6

Is ArduinoPcap useful for detecting deauthentication attacks?

Accepted Answer

Yes, it can capture deauth packets as mentioned in the README's reference to projects like DeauthDetector, making it suitable for security research. However, reliability varies between ESP8266 and ESP32.

ArduinoPcap

What is ArduinoPcap?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions