Termshark

A terminal UI for tshark, inspired by Wireshark

Why?

  • You're debugging on a remote machine and need to study a pcap.
  • You don't want to copy it back to your desktop.
  • You're familiar with Wireshark. 😃

Features

  • Read pcap files or sniff live interfaces.
  • Use Wireshark's display filters.
  • Reassemble TCP and UDP streams.
  • View conversations by protocol.
  • Written in Go - for Linux, macOS, FreeBSD, Android (termux) and Windows.

For setup, bugs and feature requests head over to GitHub.

News!

  • Feb 02 2020 - Termshark v2.1 is out now! Featuring conversations, pcap info, packet colors and more.
  • Nov 10 2019 - Termshark v2 is available!