Tools | February 9, 2026 | 1 min read | by 0xt0pus

tcpdump

Command-line packet analyzer for capturing and filtering network traffic


Tcpdump

Description

Tcpdump is a command-line packet capture tool. It is used for capturing and analyzing network traffic directly from the terminal.

Usage 1: List Available Interfaces

Command:

sudo tcpdump -D

Usage 2: Capture Traffic on Interface

Command:

sudo tcpdump -i eth1

Command (Verbose):

sudo tcpdump -i eth1 -v

Command (Quiet mode):

sudo tcpdump -i eth1 -q

Usage 3: Filter by Host

Command:

sudo tcpdump -i eth1 host google.com

Usage 4: Filter by Source and Destination

Command:

sudo tcpdump -i eth1 src 192.168.23.12 and dst 192.168.23.2

Usage 5: Capture Limited Packets

Command:

sudo tcpdump -i eth1 -c 150

Usage 6: Save Capture to File

Command (despite the .txt name, -w writes raw packets in binary pcap format, not readable text):

sudo tcpdump -i eth1 -w output.txt
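
What a file saved as in Usage 6 contains, and how the Usage 4 source/destination filter selects packets from it, shown as an added example that is not part of the original page. It assumes the classic pcap layout with microsecond timestamps and untagged Ethernet frames; the capture bytes are constructed inline and the function names are hypothetical.

```python
import socket
import struct

PCAP_MAGIC = 0xA1B2C3D4  # classic pcap, microsecond timestamps

def build_sample_pcap():
    """Constructed sample: two bare Ethernet/IPv4 frames in classic pcap layout."""
    def frame(src, dst):
        eth = b"\x00" * 12 + b"\x08\x00"  # zeroed MACs, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        return eth + ip
    frames = [frame("192.168.23.12", "192.168.23.2"),
              frame("192.168.23.2", "192.168.23.12")]
    # Global header: magic, version 2.4, tz, sigfigs, snaplen, linktype 1 (Ethernet)
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1770000000 + i, 0, len(f), len(f)) + f
    return out

def read_pcap(data):
    """Return (linktype, [frame bytes]) from a classic pcap byte string."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    for endian in ("<", ">"):
        if struct.unpack(endian + "I", data[:4])[0] == PCAP_MAGIC:
            break
    else:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    offset, frames = 24, []
    while offset + 16 <= len(data):
        _sec, _usec, incl_len, _orig = struct.unpack(endian + "IIII", data[offset:offset + 16])
        offset += 16
        if offset + incl_len > len(data):
            break  # capture was cut off mid-record
        frames.append(data[offset:offset + incl_len])
        offset += incl_len
    return linktype, frames

def match_src_dst(frame, src, dst):
    """IPv4-over-Ethernet approximation of the filter 'src <ip> and dst <ip>'."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return False  # not untagged IPv4
    return frame[26:30] == socket.inet_aton(src) and frame[30:34] == socket.inet_aton(dst)

if __name__ == "__main__":
    linktype, frames = read_pcap(build_sample_pcap())
    hits = [f for f in frames if match_src_dst(f, "192.168.23.12", "192.168.23.2")]
    print(f"linktype={linktype} frames={len(frames)} matching={len(hits)}")
```

The "and" in the filter requires both addresses to match in the same packet, so the reply travelling in the opposite direction is not selected.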