-
-
Save qsLI/c10b3b8f287760a12625dbd66fba0b0b to your computer and use it in GitHub Desktop.
Revisions
-
qzaidi revised this gist
Aug 19, 2020 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,6 +2,8 @@ ``` tcpdump -A -s 10240 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | egrep --line-buffered "^........(GET |HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " | sed -r 's/^........(GET |HTTP\/|POST |HEAD )/\n\1/g' ``` # HTTP Headers and body, on a given interface to a certain dst tcpdump -i ens4 -A -s 10240 'dst 172.21.43.252 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' # Postgres Queries ``` -
Jan 31, 2019 . 1 changed file with 5 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -20,4 +20,9 @@ sudo tcpdump -i eth0 -s0 -nl -w- dst port 4150 and dst net 192.168.16.138/32 | s # Better format pcap tcpdump -qns 0 -A -r /tmp/dump ``` # MQTT ``` tcpdump -s 65535 -nl -w- tcp port 1883 -i eth0 | strings -n8 ``` -
Dec 17, 2016 . 1 changed file with 4 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -16,4 +16,8 @@ tcpdump -s 65535 -nl -w- tcp port 6379 -i eth0 | strings -n8 # NSQ ``` sudo tcpdump -i eth0 -s0 -nl -w- dst port 4150 and dst net 192.168.16.138/32 | strings -n8 # Better format pcap tcpdump -qns 0 -A -r /tmp/dump ``` -
Dec 17, 2016 . 1 changed file with 5 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,4 +11,9 @@ sudo tcpdump -i lo -s0 -nl -w- dst port postgres | strings -n8 # Redis ``` tcpdump -s 65535 -nl -w- tcp port 6379 -i eth0 | strings -n8 ``` # NSQ ``` sudo tcpdump -i eth0 -s0 -nl -w- dst port 4150 and dst net 192.168.16.138/32 | strings -n8 ``` -
May 25, 2016 . 1 changed file with 5 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,3 +7,8 @@ tcpdump -A -s 10240 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]& ``` sudo tcpdump -i lo -s0 -nl -w- dst port postgres | strings -n8 ``` # Redis ``` tcpdump -s 65535 -nl -w- tcp port 6379 -i eth0 | strings -n8 ``` -
May 25, 2016 . 1 changed file with 9 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1 +1,9 @@ # HTTP Headers ``` tcpdump -A -s 10240 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | egrep --line-buffered "^........(GET |HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " | sed -r 's/^........(GET |HTTP\/|POST |HEAD )/\n\1/g' ``` # Postgres Queries ``` sudo tcpdump -i lo -s0 -nl -w- dst port postgres | strings -n8 ``` -
May 18, 2016 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1 @@ tcpdump -A -s 10240 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | egrep --line-buffered "^........(GET |HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " | sed -r 's/^........(GET |HTTP\/|POST |HEAD )/\n\1/g'