Going through a pcap file to search a string is timeconsuming. It’s way faster to let tcpflow
and grep do the work.
1 2 3 4 5 6 |
cat << END_ENTRY>> strings password username hugo betty END_ENTRY |
We will use that file to check if there are any matches.
1 |
tcpflow pcap -c | grep -i -f strings > hits |