格式化显示json:
https://tool.jisuapi.com/json.html
远程抓包:
"C:\Program Files\EVE-NG\plink.exe" -ssh -batch -pw 1 root@192.168.21.161 "tcpdump -U -i ens33 -s 0 -w - not host 192.168.21.1" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -
WINDOWS抓包:
启动抓包:netsh trace start capture=yes
停止抓包:netsh trace stop //输出结果是一个etl文件
etl2pcapng.exe将etl转换成cap格式
