Name: Performing Network Traffic Analysis With Tshark
Author: mukul975

Overview

This skill automates packet capture analysis using tshark (Wireshark CLI) and pyshark (Python wrapper). It extracts protocol distribution statistics, identifies suspicious network flows (port scans, beaconing, data exfiltration), extracts IOCs (IPs, domains, URLs), and detects DNS tunneling patterns from PCAP files.

When to Use

When conducting security assessments that involve performing network traffic analysis with tshark
When following incident response procedures for related security events
When performing scheduled security testing or auditing activities
When validating security controls through hands-on testing

Prerequisites

tshark (Wireshark CLI) installed and in PATH
Python 3.8+ with pyshark library
PCAP or PCAPNG capture file for analysis

Steps

Extract Protocol Statistics — Generate protocol hierarchy and conversation statistics from the capture

Overview

When to Use

When conducting security assessments that involve performing network traffic analysis with tshark
When following incident response procedures for related security events
When performing scheduled security testing or auditing activities
When validating security controls through hands-on testing

Prerequisites

tshark (Wireshark CLI) installed and in PATH
Python 3.8+ with pyshark library
PCAP or PCAPNG capture file for analysis

Steps

Extract Protocol Statistics — Generate protocol hierarchy and conversation statistics from the capture

Performing Network Traffic Analysis With Tshark

Overview

When to Use

Prerequisites

Steps

Performing Network Traffic Analysis With Tshark

Overview

When to Use

Prerequisites

Steps

Expected Output

Session Logs

OpenClaw Test Heap Leaks

Node Connect

Openclaw Qa Testing

Openclaw Secret Scanning Maintainer

Flags