Cacher is the code snippet organizer for pro developers

sample 抓包文件

• https://wiki.wireshark.org/SampleCaptures

plugins

• https://support.cloudshark.org/wireshark-plugin/using-the-wireshark-plugin.html

tcp payload

• https://ask.wireshark.org/questions/35353/exporting-payload-data-in-binary-file

过滤

• Capture: https://wiki.wireshark.org/CaptureFilters
• Display: https://wiki.wireshark.org/DisplayFilters

tshark

• https://www.wireshark.org/docs/man-pages/tshark.html
• 抓包: sudo tshark -i lo -f "port 1935" -w cap.pcap
• 过滤: tshark -r cap.pcap -w publish.pcap "tcp.len > 0"
• 读包: tshark -r publish.pcap -xP

docs

• http://wiki.wireshark.org/CaptureSetup/Loopback
• http://wiki.wireshark.org/CaptureSetup/Ethernet
• 抓包网络结构: http://wiki.wireshark.org/CaptureSetup/Ethernet
• 抓同一台电脑上不同进程之间的包 http://wiki.wireshark.org/CaptureSetup/Loopback

教程

• https://www.udemy.com/wireshark-tutorial-guide-for-beginners/