Termshark

A terminal UI for tshark, inspired by Wireshark

Why?

  • You're debugging on a remote machine and need to study a pcap.
  • You don't want to copy it back to your desktop.
  • You're familiar with Wireshark. 😃

Features

  • Read pcap files or sniff live interfaces.
  • Use Wireshark's display filters.
  • Reassemble TCP and UDP streams.
  • View conversations by protocol.
  • Written in Go - for Linux, macOS, *BSD, Android (termux) and Windows.

For setup, bugs and feature requests head over to GitHub.

News!

  • Jan 03 2021 - Termshark v2.2 is here! With vim-navigation, a cmdline, packet marks, and themes.
  • Feb 02 2020 - Termshark v2.1 is out now! Featuring conversations, pcap info, packet colors and more.