Automates network traffic analysis using tshark and pyshark: protocol statistics, suspicious traffic/port scan detection, DNS anomaly/tunneling identification, and IOC extraction from PCAP files.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cybersecurity-skills-zh:performing-network-traffic-analysis-with-tshark
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
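This skill uses tshark (the Wireshark CLI) and pyshark (a Python wrapper library) to automate packet capture analysis. It extracts protocol distribution statistics, identifies suspicious network flows (port scans, beaconing, data exfiltration), extracts threat indicators (IOCs) such as IPs, domains, and URLs, and detects DNS tunneling patterns in PCAP files.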
npx claudepluginhub killvxk/cybersecurity-skills-zh
Automates network traffic analysis with tshark and pyshark: protocol statistics, suspicious flow detection, DNS anomaly identification, and IOC extraction from PCAP files.
Automates PCAP analysis using tshark and pyshark to extract protocol stats, detect suspicious flows and DNS anomalies, and pull IOCs for security assessments and incident response.