Terminal network tool

termshark

Wireshark is an amazing tool for analyzing and filtering network packets. It's difficult to use, but it allows you to explore the inner depths of protocols and even what goes on beneath protocols. It has become essential for anyone who wants to make sure there's nothing untoward happening on their network or to discover whether that cheap Telnet-enabled webcam is sending packets to your server or live streaming your garden to China. But Wireshark needs a GUI, which means you're somewhat restricted in where you can run the analysis, because the device at least needs to be capable of producing a graphical interface. Wireshark does include tshark to help with this, but it's not as intuitive or as discoverable as the GUI version since it's built for network protocol analysis. What we really need is termshark!

Termshark harnesses and contains the functionality provided by tshark and Wireshark, only from the command line. You start it by taking a packet capture of the network interface as arguments, with optional protocol filters. With that done, you see the main view. Remarkably, if you can make your way around the GUI version, you'll be able to find your way around this terminal version, because the layout and interactive elements are very similar. You lose small refinements like the device activity thumbnails, but you gain the ability to capture and filter, export and import captures, and expand packet elements just as you would with the desktop version. It even works well with a mouse, and the UI remains quick and responsive through all your captures, expands elements, and views specific sets according to your requirements. There are a few bugs, such as the drop-down filter menu length, but it's still the same old Wireshark, only wonderfully running from the command line.

Project Website

https://github.com/gcla/termshark

Feel like a real hacker by diving into the depths of your network from the command line.

Satellite imagery