AirPcap is an adapter that captures all or a filtered set of WLAN frames and delivers the data to the Wireshark platform. Once AirPcap is installed, Wireshark displays a special toolbar that provides direct control of the AirPcap adapter during wireless data capture.
The Wireshark UI is then employed to perform network and data analysis on the packets derived from an AirPcap capture session.

AirPcap is also the name of a family of products that includes AirPcap Classic, AirPcap Tx, AirPcap Ex and AirPcap N. This product family represents the first open, affordable, and easy-to-deploy 802.11 WLAN packet capture solutions for the Windows platform. The various members of the AirPcap family + Wireshark provide information about wireless protocols and radio signals, enabling you to capture and analyze low-level 802.11a/b/g/n wireless traffic, including control frames, management frames, and power information.

In addition to all of the packet capture features and functionality of AirPcap Classic, AirPcap Tx and AirPcap Ex support packet injection.  This ability to transmit raw 802.11 frames is an invaluable aid in assessing the security of your wireless network. Several security tools, including Cain & Abel and Aircrack-ng, can use the AirPcap Tx adapter transmit features for advanced penetration testing.

AirPcap Ex is a new AirPcap family member that includes a USB-based 802.11 a/b/g adapter with an external antenna connector.  AirPcap Ex provides packet transmission capabilities, multi-channel monitoring and aggregation, on-board microsecond timestamping precision, and more. AirPcap N is the first solution to capture, decode, and visualize 802.11n protocol traffic from any laptop or desktop PC.

Most WLAN packet analyzers provide proprietary drivers that are based on driver source code provided by Broadcom, Atheros, and other wireless chip manufacturers.  AirPcap provides its own promiscuous driver that operates independently from on-board NICs and their drivers, allowing AirPcap to work with the broadest range of laptops and desktop PCs possible.

No other products provide 802.11 capture and transmission in a small package that can be easily moved between workstations.

In addition, AirPcap is the only solution on the market that easily enables capturing packets from multiple 802.11 channels by simply plugging more than one USB adapter into a laptop or desktop PC.

AirPcap Classic, AirPcap Tx, and AirPcap Ex all support multi-channel monitoring and aggregation. AirPcap N does not currently support this functionality and there are no immediate development plans to add this capability to the product.

AirPcap Ex is a wireless USB adapter with an external antenna connector, and comes with a cable and antenna. Please contact us directly if you need an 802.11n adapter that supports external antennae.

Both AirPcap Ex and AirPcap N provide support for 802.11a packet capture and analysis.

AirPcap Ex and AirPcap N provide support for hardware timestamping with microsecond precision.

WPA temporal keys (PTK and GTK) are not displayed by Wireshark. Pairwise keys are derived but not displayed, and group keys are not, as yet, derived.

No, and most people like it that way. Really! AirPcap Classic, Tx, and Ex are USB adapters, which leaves you free to you to use your built-in adapter for normal network operations while simultaneously using your AirPcap adapter for analysis. This is much more convenient and flexible than trying to use a single adapter for everything.

Upgrading from one AirPcap adapter to another requires replacing the entire adapter.

If you would like to upgrade, you can do so by paying the difference in price between the two products along with any shipping fees.  Please contact info@ePlaza.nl for more information.

AirPcap runs on the following platforms:

• Windows 2000
• Windows XP (service pack 2, 32 or 64 bit)
• Windows 2003 (32 or 64 bit)
• Windows Vista (32 or 64 bit)

There are no plans to port AirPcap to other platforms at this time.

For the moment, our solution allows you to create custom packets that can then be sent over the air. We don't have replay capabilities yet. The packets are sent one at a time, but the API gives you the flexibility to send pretty much any way you like.

Our AirPcap Classic 3-Pack and AirPcap Ex 3-pack can capture traffic from 3 channels at the same time, and aggregate it in a single capture. WPA and WPA2 can be decrypted and analyzed using the Wireshark network analyzer, included with the AirPcap product CD.

That’s right. After installing our driver and plugging our adapter in the USB port, Wireshark, as will start capturing wireless traffic.

It's not. The Tx frequency and strength are very strictly regulated by the FCC. The signal strength is set to the maximum allowed by the ship-to country.

AirPcap Tx is totally passive unless you use a program that explicitly injects packets.

We've never tested it under BartPE, but our understanding is that BartPE is just a stripped down version of Windows that runs from a CD. In that case, we can't see any reason why AirPcap shouldn't work with it. You probably want to include the AirPcap driver when you build the BartPE image to avoid installing it every time.

The AirPcap adapter works with USB 1.0 as well. However, since the bandwidth of USB 1.0 is very low, you might experience drops at high frame rates. AirPcap-N is available in CardBus, mini-PCI, and mini-PCIe if that works better for you.