tshark – Capturing Packets from the Windows Command Line
April 9th, 2014
A quick aide-mémoire on capturing traffic from the Windows command line. You must be in the Wireshark directory (or have its location in your PATH environment variable):
1. Find the interface index:
C:\Program Files (x86)\Wireshark>tshark -D
1. \Device\NPF_{B3BA19B1-3083-4FF5-9CA5-09E33CABEC93} (Microsoft)
2. \Device\NPF_{E7CE2EDC-D965-44DF-A7F2-A14B4A762B40} (Sun)
3. \Device\NPF_{B88703B3-2E09-4FC7-A061-21A94A22BBBE} (Intel(R) 82579LM Gigabit
Network Connection)
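An added example (not part of the original post): a PowerShell sketch that parses the `tshark -D` listing above and resolves an interface index from its description, so a capture script does not hard-code a number that differs between machines. The function names are hypothetical and the sample input is constructed from the listing shown above.

```powershell
# Constructed sample: the `tshark -D` listing shown above, including the
# description that the 80-column console wrapped onto a second line.
$sample = @'
1. \Device\NPF_{B3BA19B1-3083-4FF5-9CA5-09E33CABEC93} (Microsoft)
2. \Device\NPF_{E7CE2EDC-D965-44DF-A7F2-A14B4A762B40} (Sun)
3. \Device\NPF_{B88703B3-2E09-4FC7-A061-21A94A22BBBE} (Intel(R) 82579LM Gigabit
Network Connection)
'@ -split "`r?`n"

# Hypothetical helper: turn the listing into objects (Index, Device, Description).
function ConvertFrom-TsharkInterfaceList {
    param([string[]]$Lines)
    $entries = New-Object System.Collections.Generic.List[string]
    foreach ($line in $Lines) {
        if ($line -match '^\d+\.\s') {
            $entries.Add($line)                      # a new numbered entry
        } elseif ($entries.Count -gt 0 -and $line.Trim()) {
            # Continuation of a wrapped description: join it to the previous entry.
            $entries[$entries.Count - 1] += ' ' + $line.Trim()
        }
    }
    foreach ($entry in $entries) {
        if ($entry -match '^(\d+)\.\s+(\S+)(?:\s+\((.*)\))?\s*$') {
            [pscustomobject]@{
                Index       = [int]$Matches[1]
                Device      = $Matches[2]
                Description = $Matches[3]
            }
        }
    }
}

# Hypothetical helper: return the index of the single interface whose
# description matches a wildcard pattern; fail on zero or several matches
# so a capture never starts on the wrong adapter.
function Get-TsharkInterfaceIndex {
    param([string[]]$Lines, [string]$Pattern)
    $hits = @(ConvertFrom-TsharkInterfaceList $Lines |
              Where-Object { $_.Description -like $Pattern })
    if ($hits.Count -ne 1) {
        throw "Expected exactly one interface matching '$Pattern', found $($hits.Count)"
    }
    $hits[0].Index
}

Get-TsharkInterfaceIndex -Lines $sample -Pattern '*Intel*'
```

On a live system, pass the output of `tshark -D` as `-Lines` instead of the sample; the returned number is the value tshark's `-i` option expects.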