Exploit Notes

Tshark

Last modified: 2023-02-13

Network

Tshark is the terminal-oriented version of Wireshark, a network protocol analyzer.

Basic Commands

# -r: Input file
tshark -r example.pcapng

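# Number of packets (tshark prints one summary line per packet)
tshark -r example.pcapng | wc -l

# -Y: Display filter (here: packets that contain an HTTP User-Agent header)
tshark -r example.pcapng -Y "http.user_agent"

# -T: Format of text output ("fields" prints only the fields chosen with -e)
# -e: Field name
# Query names of A-record lookups (dns.qry.type == 1)
tshark -r example.pcapng -Y "dns.qry.type == 1" -T fields -e dns.qry.name
# Transaction IDs of DNS queries (response flag unset)
tshark -r example.pcapng -Y "dns.flags.response == 0" -T fields -e dns.id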
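
The field output above is tab-separated, so it can be post-processed directly. The following is an added example, not part of the original page: it pairs DNS queries with responses by `dns.id` and lists queries that were never answered. The function names `unanswered_dns` and `sample_rows` are hypothetical, and the sample rows are constructed, not taken from a real capture.

```shell
#!/bin/sh
# Live use (same fields as the commands above; tab is the default separator):
#   tshark -r example.pcapng -Y dns -T fields \
#       -e dns.id -e dns.flags.response -e dns.qry.name | unanswered_dns

# Reads "id<TAB>response_flag<TAB>query_name" rows on stdin and prints
# "id<TAB>name" for every query that has no matching response.
unanswered_dns() {
    awk -F '\t' '
        # Assumption: the flag may be printed as 1/0 or True/False
        # depending on the tshark version, so both are accepted.
        function is_response(v) { v = tolower(v); return (v == "1" || v == "true") }
        NF < 3 || $1 == "" { next }          # skip malformed rows
        {
            key = $1 "\t" $3                 # transaction ID + query name
            if (is_response($2)) answered[key] = 1
            else if (!(key in seen)) { seen[key] = 1; order[++n] = key }
        }
        END {
            # Keep first-seen order so output follows the capture timeline.
            for (i = 1; i <= n; i++)
                if (!(order[i] in answered)) print order[i]
        }'
}

# Constructed sample rows in the shape tshark -T fields would emit.
sample_rows() {
    printf '0x1a2b\t0\texample.com\n'
    printf '0x1a2b\t1\texample.com\n'
    printf '0x3c4d\t0\tnoanswer.example.net\n'
    printf '0x5e6f\tFalse\tintranet.example.org\n'
    printf '0x5e6f\tTrue\tintranet.example.org\n'
    printf '0x7a8b\t0\tnoanswer.example.net\n'
}

sample_rows | unanswered_dns
```

DNS transaction IDs are only 16 bits, so on a busy capture add the client address (`-e ip.src`) to the key to avoid pairing one host's query with another host's response.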
