Termshark

A terminal user-interface for tshark, inspired by Wireshark.

If you’re debugging on a remote machine with a large pcap and no desire to scp it back to your desktop, termshark can help!

Features

• Read pcap files or sniff live interfaces (where tshark is permitted).
• Inspect each packet using familiar Wireshark-inspired views
• Filter pcaps or live captures using Wireshark’s display filters
• Copy ranges of packets to the clipboard from the terminal
• Written in Golang, compiles to a single executable on each platform – downloads available for Linux (+termux), macOS, FreeBSD, and Windows

Use

Termshark provides a terminal-based user interface for analyzing packet captures. It’s inspired by Wireshark and depends on tshark for all its intelligence. Termshark is run from the command-line. You can see its options with

Copyright (c) 2019 Graham Clark