Wireshark-dev: Re: [Wireshark-dev] new dissector - dynamic value string table?
From: Gisle Vanem <[email protected]>
Date: Wed, 27 Feb 2013 11:07:13 +0100
"Max Baker" <[email protected]> wrote:

I've created a new dissector for USB PTP
(http://en.wikipedia.org/wiki/Picture_Transfer_Protocol) .  This is the
protocol most digital cameras speak over USB.   I've gotten far enough
to do the basic dissection, and I'm pretty stoked on the results!
Just a side-question. Anybody have any experience on USB-snooping
on Windows? Is it possible at all? The page

describes how it's done under Linux. This page

describes it for Win, but the project seems abandoned. It would
be cool it add usb-sniffing to libpcap or Wireshark itself. Ref. airpcap.