analysis-tshark

Solid

Network protocol analyzer and packet capture tool for traffic analysis, security investigations, and forensic examination using Wireshark's command-line interface. Use when: (1) Analyzing network traffic for security incidents and malware detection, (2) Capturing and filtering packets for forensic analysis, (3) Extracting credentials and sensitive data from network captures, (4) Investigating network anomalies and attack patterns, (5) Validating encryption and security controls, (6) Performing protocol analysis for vulnerability research.

Data & Documents 335 stars 29 forks Updated today


Quality Score: 85/100

Stars (20%): 84
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 80
License (10%): 0
Description (5%): 100

Skill Content

# TShark Network Protocol Analyzer

## Overview

TShark is the command-line network protocol analyzer from the Wireshark project. It provides powerful packet capture and analysis capabilities for security investigations, forensic analysis, and network troubleshooting. This skill covers authorized security operations including traffic analysis, credential extraction, malware detection, and forensic examination.

**IMPORTANT**: Network packet capture may expose sensitive information and must only be conducted with proper authorization. Ensure legal compliance and privacy considerations before capturing network traffic.

## Quick Start

Basic packet capture and analysis:

```bash
# Capture packets on interface
sudo tshark -i eth0

# Capture 100 packets and save to file
sudo tshark -i eth0 -c 100 -w capture.pcap

# Read and analyze capture file
tshark -r capture.pcap

# Apply display filter
tshark -r capture.pcap -Y "http.request.method == GET"

# Extract HTTP objects
tshark -r capture.pcap --export-objects http,extracted_files/
```

## Core Workflow

### Network Analysis Workflow

Progress:

[ ] 1. Verify authorization for packet capture
[ ] 2. Identify target interface and capture requirements
[ ] 3. Capture network traffic with appropriate filters
[ ] 4. Analyze captured packets for security indicators
[ ] 5. Extract artifacts (files, credentials, sessions)
[ ] 6. Document findings and security implications
[ ] 7. Securely handle and store capture files
[ ] 8. Clean up sensitiv...

Details

Author
aiskillstore
Repository
aiskillstore/marketplace
Created
5 months ago
Last Updated
today
Language
Python
License
None

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

performing-network-traffic-analysis-with-tshark

Automate network traffic analysis using tshark and pyshark for protocol statistics, suspicious flow detection, DNS anomaly identification, and IOC extraction from PCAP files

13,115 Updated today
mukul975
AI & Automation Featured

analyzing-network-traffic-with-wireshark

Captures and analyzes network packet data using Wireshark and tshark to identify malicious traffic patterns, diagnose protocol issues, extract artifacts, and support incident response investigations on authorized network segments.

13,115 Updated today
mukul975
AI & Automation Listed

analyzing-network-traffic-with-wireshark

Captures and analyzes network packet data using Wireshark and tshark to identify malicious traffic patterns, diagnose protocol issues, extract artifacts, and support incident response investigations on authorized network segments.

6 Updated yesterday
26zl
AI & Automation Featured

wireshark-analysis

Execute comprehensive network traffic analysis using Wireshark to capture, filter, and examine network packets for security investigations, performance optimization, and troubleshooting.

39,350 Updated today
sickn33
Data & Documents Solid

wireshark-network-traffic-analysis

This skill should be used when the user asks to "analyze network traffic with Wireshark", "capture packets for troubleshooting", "filter PCAP files", "follow TCP/UDP streams", "detect network anomalies", "investigate suspicious traffic", or "perform protocol analysis". It provides comprehensive techniques for network packet capture, filtering, and analysis using Wireshark.

27,705 Updated today
davila7