[WoW][7.3+] What methods of packet sniffing are the safest and actual now?

[BlackRainBow]

Prior to 7.3, I used hardware breakpoints on NetClient::Send2 / NetClient::HandleData (x86).
Now, as I understand, this is impossible. Or can I hook GetThreadContext or KiUserExceptionDispatcher and everything will be okay? Remap image and inject DLL? Capture packets from network card? Or some other?
What methods are still actual now, and not just safe, but have the maximum stability?

[doityourself]

I still inject my dll and just hook both functions since 7.3.0. I'm fine atm

This doesn't mean, that it's safe! ...

[mdX7]

Capturing packets from nic may be hard because you have to decrypt packets with the session key. It's the safest method tho - you may even do crazy stuff like routing the traffic over another computer and capture packets there (MitM).
But for now hooking both functions is still working - just like king48488 said.

[Light-Boost]

Here is the old test code (pandaria) to read it from driver using WinDivert lib.WowSniffer.zip

[Jadd]

I still inject my dll and just hook both functions since 7.3.0. I'm fine atm

Writing to .text is still undetected? What is even the point to the obfuscation they added in 7.3?

[doityourself]

Writing to .text is still undetected? What is even the point to the obfuscation they added in 7.3?

Its pretty easy for them to detect it and they are also checking if stuff is written to it, but they may ban only bot/hack users. Thats why I‘m waiting for the mext ban wave