|
There is nothing new about Wireshark releasing an update; however, the new 2.4 branch has new feature that is quite useful that I have been waiting to be able to use for a while. In case you missed it, tshark now has the ability to Export Objects. I have tested the export using large pcap files with multiple objects and tshark does a good job "dumping" all the files in the specified directory (i.e. destdir). To extract HTTP or SMB objects from the command-line, run the following command: tshark -nr file.pcap --export-objects http,destdir
----------- |
Guy 439 Posts ISC Handler |
| Subscribe |
Aug 19th 2017 1 year ago |
Sign Up for Free or Log In to start participating in the conversation!
