![]() ![]() ![]() Tshark -r example.pcap -Y http.request -T fields -e http.host -e | head -20 Tshark -r example.pcap -Y http.response -T fields -e | sort | uniq -cĮxample 2: # top 10 request url = Tshark -r example.pcap -Y http.response -T fields -e | head Tshark -r example.pcap -Y http.response | head Tshark -r mail.pcap -qz io,stat,60,ip,tcp,smtp,popĮditcap -t -27.681538 mail.pcap mail-new.pcapĮxample 1: # counting http response code = Tshark -r http.pcap -o tcp.desegment_tcp_streams:FALSE -Y http -w false.pcapĭemo 5: # Protocol Statistics = Tshark -r http.pcap -o tcp.desegment_tcp_streams:TRUE -Y http -w true.pcap Tshark -r http.pcap -o tcp.desegment_tcp_streams:FALSE -Y http Tshark -r http.pcap -o tcp.desegment_tcp_streams:TRUE -Y http Tshark -r ssl.pcap -o ssl.keys_list:192.168.3.3,443,http,key.pem -Y http.response -V -O http | more Tshark -r port-1234.pcap -d tcp.port =1234,http -Y http # display filter Tshark -r port-1234.pcap -x # add output of hex and ASCII dump Tshark -r http.pcap -T pdml # output format (text,json,pdml) Tshark -r http.pcap -V -O http # only show http layer This site uses Just the Docs, a documentation theme for Jekyll. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |