usbsnoop
usbsnoop is a small but very useful utility program which can sniff/monitor, and log to file, all data exchange between an USB device and its driver under a Windows OS environment.
There are actually several such, highly related, utility programs and derivative works that are often casually referred to by the name "usbsnoop". Though such usage is technically incorrect, it is understandable due to their somewhat confusing and intertwined developments. An attempt to differentiate between these different apps, and illuminate their shared history is provided below.
History
USB Snoopy was released, in April 2000, by Tom and Roland, as a small utility for monitoring a USB device's communications traffic under a Windows 98 environment (see archived webpage). The USB Snoopy release consisted of three parts:
- a simple GUI program, SniffUSB.exe, to install and remove the filter driver
- a filter driver, UsbSnoop.sys, that monitors the actual USB traffic
- A debug viewer, dgbview.exe, was included to catch the output from the filer driver. (dgbview was written by Mark Russinovich from Sysinternals, which later went on to become a part of Microsoft)
Inspired by USB Snoppy, Benoit Papillault releases, in Mar 2001 usbsnoop v1.1, [1], which he describes simply as a USB sniffer for Windows 2000.
Download
If you are running Windows XP or any earlier version
Download 32 bits here Official homepage: http://benoit.papillault.free.fr/usbsnoop/
How to use Sniff v1.8?
1) Make sure that your device and drivers are installed on Windows 2) Start usbsnoop 3) Plug your device and press refresh button in usbsnoop 4) Select and install filters for your device in usbsnoop 5) Restart your Windows 6) Start your favorite application for some seconds, then stop the program and close usbsnoop.
If you are using Windows XP or later
Download 64 bits here Official homepage: http://www.pcausa.com/Utilities/UsbSnoop/
External Links
pvrusb website Microdia project
- usbsnoop - a Windows USB sniffer utility, which adheres to the WDM architecture
- also see SniffUSB 2.0 - a usbsnoop derivative