Using TShark For Continuous Packet Monitoring and Packet Intelligence
By Securitynik on 2020-05-09 17:28:50
If you are already capturing your packets and are trying to figure out how to best use these PCAP files and the data in them, I have released a Python package consisting of two scripts to help you gain intelligence from the packets. The primary script "pktIntel.py" retrieves IP addresses, domains, URLs, HTTP host information along with TLS Server Name Indication information and compares this to data in your existing PCAPs. To learn more about this package, check out the project repository on GitHub: https://github.com/SecurityNik/pktIntel
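The comparison described above, sketched as an added example; this is not code from pktIntel. It assumes the PCAP has already been exported with the tshark field command shown in the comment, and the function names, indicator values and sample rows are all constructed for illustration.

```python
import ipaddress

# Input: tab-separated output of this assumed export step (run separately):
#   tshark -r capture.pcap -T fields -E separator=/t -e frame.time_epoch -e ip.src -e ip.dst \
#     -e dns.qry.name -e http.host -e http.request.full_uri -e tls.handshake.extensions_server_name
URI, SNI = "http.request.full_uri", "tls.handshake.extensions_server_name"
COLUMNS = ["time", "ip.src", "ip.dst", "dns.qry.name", "http.host", URI, SNI]
IP_COLS, NAME_COLS = {"ip.src", "ip.dst"}, {"dns.qry.name", "http.host", SNI}

def norm_name(name):
    """Lower-case a host name, drop a trailing :port and the root dot."""
    host, sep, port = name.strip().lower().rpartition(":")
    if not (sep and port.isdigit() and ":" not in host):
        host = host + sep + port          # no port present: keep the full text
    return host.rstrip(".")

def domain_hit(name, bad_domains):
    """Return the listed domain that equals `name` or is a parent of it."""
    labels = name.split(".")
    parents = (".".join(labels[i:]) for i in range(len(labels) - 1))  # skip bare TLD
    return next((p for p in parents if p in bad_domains), None)

def match_indicators(tsv, bad_ips, bad_domains, bad_urls):
    """Return (time, field, observed value, matched indicator) tuples."""
    bad_ips = {str(ipaddress.ip_address(i)) for i in bad_ips}  # canonical text form
    hits = []
    for line in tsv.splitlines():
        row = dict(zip(COLUMNS, line.split("\t")))
        when = row.pop("time", "")
        for col, cell in row.items():
            # tshark joins repeated fields with ","; a URL may itself contain one
            for value in filter(None, [cell] if col == URI else cell.split(",")):
                if col in IP_COLS:
                    hit = value if value in bad_ips else None
                elif col in NAME_COLS:
                    hit = domain_hit(norm_name(value), bad_domains)
                else:
                    hit = value if value in bad_urls else None
                if hit:
                    hits.append((when, col, value, hit))
    return hits

# Constructed sample rows (documentation address ranges and reserved names)
SAMPLE_TSV = "\n".join([
    "1589045330.1\t192.0.2.10\t198.51.100.7\t\t\t\t",
    "1589045331.2\t192.0.2.10\t192.0.2.53\tCDN.Bad.Example.\t\t\t",
    "1589045332.3\t192.0.2.10\t203.0.113.5\t\tupdates.test:8080\thttp://updates.test:8080/a,b\t",
    "1589045333.4\t192.0.2.10\t203.0.113.9\t\t\t\tlogin.bad.example",
    "1589045334.5\t192.0.2.10\t203.0.113.20\twww.example.org\t\t\t"])
```

Matching on parent domains means a listed `bad.example` also flags `login.bad.example` seen only in a TLS SNI, which an exact-string comparison would miss.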