Deals

Oneplus Bullets Z2 Bluetooth Wireless in Ear Earphones with Mic, Bombastic Bass - 12.4 mm Drivers, 10 Mins Charge - 20 Hrs Music, 30 Hrs Battery Life, IP55 Dust and Water Resistant (Magico Black) Tukzer Universal Stylus Pen for Smartphone/Tablet/iPad/Pro/Air/iPhone/iOS boAt Type-C C600 Tangle-Free, Sturdy Cable w/ 100W/5A Fast Charging & 10Gbps Data Transmission, 10000+ Bends Lifespan and Extended 1.5m Length JBL Go 4, Wireless Ultra Portable Bluetooth Speaker, Pro Sound, Vibrant Colors, Water & Dust Proof, Type C (Without Mic, Black) CELLBELL Desire C104 Mesh Mid Back Ergonomic Office Chair/Study Chair/Revolving Chair/Computer Chair for Work from Home Metal Base Seat Height Adjustable Chair (Grey)
Slide 2
Slide 3
Slide 4
Slide 5

Tshark

 Tshark -  TShark is the command-line version of Wireshark

It performs similar network packet capture and analysis functions but without a graphical user interface. It is widely used for network monitoring, troubleshooting, and security analysis, especially in environments where a GUI is not available.

 

Examples :

 

Capture packets on an interface: 

tshark -i eth0

Capture and display only HTTP traffic: 

tshark -i eth0 -f "tcp port 80"

Capture packets and save to a file:

tshark -i eth0 -w capture.pcap

Display DNS queries:

tshark -i eth0 -Y "dns"

Output capture to JSON format:

tshark -i eth0 -T json


Key Options:

-i -> interface selection : Specifies the network interface to capture packets

 Example: tshark -i eth0


-D -> Get list of interfaces we get output , that you get all list of interfaces

 Example: tshark -D


-f -> capture filter : Specifies a filter for the packets captured at the interface level.

 Example : tshark -i eth0 -f "tcp port 80"


-Y -> display filter :  Filters the packets after capture (similar to Wireshark's display filters).

 Example : tshark -i eth0 -Y "http"

-w -> write output to the fileWrites the captured packets to a file in PCAP format, which can be opened later in Wireshark.

 Example : tshark -i eth0 -w capture.pcap


For More Info: https://www.securitymanadhey.com/p/tshark-tshark-is-command-line-version.html

Popular Posts

  • Windows | Multiple Login Failures from a Single User Analysis
    Multiple Login Failures from a Single User Objective: The objective of this use case is to identify brute force attacks that could be dictio...
  • Types of accounts in Windows | Windows Accounts
    Windows Account Types   References : Local and Domain Accounts Types of windows accounts
  • Multiple VPN Logins From Different Countries
    Multiple VPN Logins From Different Countries  means that the same user account is trying to log in from multiple geographical locations thro...
  • Tshark
      T shark -   TShark  is the command-line version of  Wireshark It performs similar network packet capture and analysis functions but withou...
  • Malicious URL Access Detected
    Malicious URL access detected means  when a user or host attempts a connection to a malicious website, like phishing pages, malware, or comm...
  • Unfamiliar Sign-In
    Unfamiliar Sign-In means a security event where a login attempt is detected from a device, location, or IP address that was not previousl...
  • DNS Zones
    Zone files are plain text files that store information about a specific domain's DNS configuration. They are part of the Domain Name Sys...
  • Querying DNS Records
    In the Windows operating system, the nslookup command is used to query DNS records. For example, to query the DNS A record for a domain, u...
  • DNS Server basics, types, record types, query types
      The Basics of DNS: The Internet's Address Book Imagine if every time you wanted to call a friend, you had to remember their exact 10-d...
  • How to play with DNS records
    Ramya is an intelligent and ambitious young woman with a deep passion for creating websites and a talent for crafting beautiful wool product...

Buy me coffee

Buy me coffee
#Fuel My Cybersecurity Journey with a Coffee!