Friday, June 20, 2014

tshark/wireshark cheat sheet


Dump all DNS name lookups  in a pcap along with IP
tshark -r file.cap -T fields -e ip.src -e dns.qry.name -R "dns.flags.response eq 0"
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)