top of page


Tshark, a well known and powerful command-line tool and is used as a network analyzer. It is developed by Wireshark. It’s working structure is quite similar to Tcpdump, but it has some powerful decoders and filters. TShark is capable of capturing the data packets information of different network layers and display them in different formats.

TShark is used to analyze real-time network traffic and it can read .pcap files to analyze the information, dig into the details of those connections, helping security professionals to identify their network problem.

Installing on Linux:

TShark prints a list of the interfaces whose traffic it can capture. Each interface is referred to by their serial number and as you can see it is followed by a text description of the network interface. These interfaces can be specified using -i parameter; which is used to specify the network whose traffic we want to capture. And to check out these interfaces you can use the parameter -D as shown below:

In the networking, promiscuous mode is used as an interface controller that causes tshark to pass all the traffic it receives to the CPU rather than passing the frames to the promiscuous mode is normally used for packet sniffing that can take place on a router or on a computer connected to a wired network or a part of LAN.

When using this mode, we will need to configure it with the help of ifconfig so that it let us capture the data packets of the whole network. Therefore, we will start by pinging a website and try to capture its data packets.

> Capture the packets:

> Packet count:

> Read and Write in a file:

> Verbose mode:

> Tabs:

> Capturing packets of a particular port:

> Display filter:

53 views0 comments

Recent Posts

See All

Cyrillic Alphabet

Exploring the Cyrillic Alphabet: A Beginner's Guide Have you ever come across the Cyrillic alphabet and wondered what it's all about? Maybe you've seen it on Russian websites, or perhaps you've notice

MacOS | Recording a Packet Trace

A packet trace is a record of traffic traveling across the network. It’s useful for investigating complex network problems related to both correctness and performance. Once you start a packet trace on

DNS Guard

Absolutely everything is connected to the internet these days, from TV to smart light bulbs, from mobile devices to smart cars. Given those ads and ad trackers are everywhere on the Internet, a browse


bottom of page