while true ; do tcpick -a -C -r dump.pcap ; sleep 2 ; clear ; done
ngrep -d eth0 "www.domain.com" port 443
-d [iface|any] - set interface[domain] - set hostnameport [1-65535] - set port number
ngrep -d eth0 "www.domain.com" src host 10.240.20.2 and port 443
(host [ip|hostname]) - filter by ip or hostname(port [1-65535]) - filter by port number
ngrep -d eth0 -qt -O ngrep.pcap "www.domain.com" port 443
-q - quiet mode (only payloads)-t - added timestamps-O [filename] - save output to file, -I [filename] - reading from file
ngrep -d eth0 -qt 'HTTP' 'tcp'
HTTP - show http headerstcp|udp - set protocol[src|dst] host [ip|hostname] - set direction for specific node
ngrep -l -q -d eth0 -i "User-Agent: curl*"
-l - stdout line buffered-i - case-insensitive search
hping3 -V -p 80 -s 5050 <scan_type> www.google.com
-V|--verbose - verbose mode-p|--destport - set destination port-s|--baseport - set source port<scan_type> - set scan type
-F|--fin - set FIN flag, port open if no reply-S|--syn - set SYN flag-P|--push - set PUSH flag-A|--ack - set ACK flag (use when ping is blocked, RST response back if the port is open)-U|--urg - set URG flag-Y|--ymas - set Y unused flag (0x80 - nullscan), port open if no reply-M 0 -UPF - set TCP sequence number and scan type (URG+PUSH+FIN), port open if no reply
hping3 -V -c 1 -1 -C 8 www.google.com
-c [num] - packet count-1 - set ICMP mode-C|--icmptype [icmp-num] - set icmp type (default icmp-echo = 8)
hping3 -V -c 1000000 -d 120 -S -w 64 -p 80 --flood --rand-source <remote_host>
--flood - sent packets as fast as possible (don't show replies)--rand-source - random source address mode-d --data - data size-w|--win - winsize (default 64)
click the source code to copy
install
nmap
on any operating system with
command-not-found.com
