Pcap Analysis
Extract Information from a Pcap File
Extract Credentials
Pcredz
Install Pcredz
Ngrep
Install ngrep
If you are looking for something inside the pcap you can use ngrep. Here is an example using the main filters:
Extract Information
Scapy
More Scapy Commands
summary() | displays a list of summaries of each packet |
nsummary() | same as previous, with the packet number |
conversations() | displays a graph of conversations |
show() | displays the preferred representation (usually nsummary()) |
filter() | returns a packet list filtered with a lambda function |
hexdump() | returns a hexdump of all packets |
hexraw() | returns a hexdump of the Raw layer of all packets |
padding() | returns a hexdump of packets with padding |
nzpadding() | returns a hexdump of packets with non-zero padding |
plot() | plots a lambda function applied to the packet list |
make_table() | displays a table according to a lambda function |
REFERENCES
Last updated