Termshark

A terminal UI for tshark, inspired by Wireshark

Why?

  • You're debugging on a remote machine and need to study a pcap.
  • You don't want to copy it back to your desktop.
  • You're familiar with Wireshark. 😃

Features

  • Read pcap files or sniff live interfaces.
  • Use Wireshark's display filters.
  • Reassemble TCP and UDP streams.
  • Copy packet data to your clipboard.
  • Written in Go - for Linux, macOS, FreeBSD, Android (termux) and Windows.

For setup, bugs and feature requests head over to GitHub.

News!

  • Nov 10 2019 - Termshark v2 is available! See the ChangeLog. Binaries are on Github.