cdpsnarf network sniffer

CDPSnarf is a network sniffer exclusively written to extract information from CDP packets.
It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more.

A feature list follows:

• Time intervals between CDP advertisements
• Source MAC address
• CDP Version
• TTL
• Checksum
• Device ID
• Software version
• Platform
• Addresses
• Port ID
• Capabilities
• Duplex
• Save packets in PCAP dump file format
• Read packets from PCAP dump files
• Debugging information (using the “-d” flag)
• Tested with IPv4 and IPv6

cdpsnarf Usage Example

Sniff on interface eth0 (-i) and write the capture to a file named cdpsnarf.pcap (-w):

root@kali:~# cdpsnarf -i eth0 -w cdpsnarf.pcap

Reading packets from eth0.
Waiting for a CDP packet...