but some network attack tool made by winpcap library.
If network attack is performed from remote host to the system with WinpkFilter installed you will be able to intercept/block attacker packets sent with winpcap or anything else.
If you want to block/inspect locally installed winpcap activities than this is also possible to do with simple extension of WinpkFilter (add winpcap to the list of hooked protocols in the NDIS hooking driver, NDIS IM build filters all protocols by default).