The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

  • Subscribe

  • Xavier’s tweets

    Error: Twitter did not respond. Please wait a few minutes and refresh this page.

  • Goodreads

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 1,186 other followers

  • Blog Stats

    • 52,779 hits

USB Snoop: A USB Sniffer

Posted by Xavier Ashe on July 27, 2008

USBSnoop is a program (driver) that logs the USB data exchange between hardware and device driver. Best part is, it is OPEN SOURCE.

It is based on the WDM architecture (Windows Driver Model), which supports the insertion of a filter between device drivers. In this case, the filter itself is a driver.

Also, it is very easy to install. All you need to do is copy the driver to your ‘drivers’ directory (normally c:\windows\system32\drivers for Windows XP & c:\WINNT\system32\drivers for Windows 2000). Then, you need to configure the sniffer front-end sniffusb.exe and then use the device that needs to be sniffed. This program saves the logs in your Windows drive with the name usbsnoop.log

This application is compatible with Windows 98, Windows 2000, Windows XP.

Download the latest version (though not updated in a LONG time) here (version 1.8).


Found on


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: