Using the -T option, we specify that we want to extract fields, and with the -e options we identify which fields we want to extract. In the following example, we extract data from any HTTP requests that are seen.

Capture Packets with Tshark

    tshark -i wlan0 -w capture-output.pcap

Read a Pcap with Tshark

    tshark -r capture-output.pcap

HTTP Analysis with Tshark

As you can see, the syntax for capturing and reading a pcap is very similar to tcpdump.

Use these as the basis for starting to build your extraction commands.
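The field extraction described above, written out as an added example (not code from the original post): one function runs tshark with -T fields and -e over a pcap, and a second summarises the tab-separated output per source and host. The function names and the sample lines are constructed for illustration; the display filter and field names (http.request, ip.src, http.host, http.request.method, http.request.uri) are standard Wireshark ones.

```bash
#!/usr/bin/env bash
# Added example: extract HTTP request fields with tshark, then summarise them.

# Print one tab-separated line per HTTP request in the pcap given as $1:
# source IP, Host header, request method, request URI. Needs tshark installed.
extract_http_requests() {
    tshark -r "$1" -Y 'http.request' -T fields -E separator=/t \
        -e ip.src -e http.host -e http.request.method -e http.request.uri
}

# Read that output on stdin and count requests per (source IP, host) pair,
# busiest first. Requests without a Host header are kept and labelled,
# since tshark emits an empty field for them.
summarize_http_requests() {
    awk -F'\t' 'NF >= 4 {
                    host = ($2 == "" ? "(no host)" : $2)
                    n[$1 "\t" host]++
                }
                END { for (k in n) printf "%d\t%s\n", n[k], k }' |
        LC_ALL=C sort -t "$(printf '\t')" -k1,1nr -k2,2 -k3,3
}

# Constructed sample of what extract_http_requests prints (not real traffic).
sample_http_fields() {
    printf '%s\t%s\t%s\t%s\n' \
        192.0.2.10 example.test       GET  /index.html \
        192.0.2.10 example.test       GET  /style.css \
        192.0.2.10 example.test       POST /login \
        192.0.2.20 files.example.test GET  /a.bin \
        192.0.2.20 ''                 GET  /
}

# Offline demonstration on the constructed sample. Against a real capture:
#   extract_http_requests capture-output.pcap | summarize_http_requests
sample_http_fields | summarize_http_requests
```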