Termshark

A terminal UI for tshark, inspired by Wireshark

Why?

  • You're debugging on a remote machine and need to study a pcap.
  • You don't want to copy it back to your desktop.
  • You're familiar with Wireshark. 😃

Features

  • Read pcap files or sniff live interfaces.
  • Use Wireshark's display filters.
  • Reassemble TCP and UDP streams.
  • View conversations by protocol.
  • Written in Go - for Linux, macOS, *BSD, Android (termux) and Windows.

For setup, bugs and feature requests head over to GitHub.

News!