Automates network traffic analysis using tshark and pyshark: protocol statistics, suspicious traffic/port scan detection, DNS anomaly/tunneling identification, and IOC extraction from PCAP files.
npx claudepluginhub killvxk/cybersecurity-skills-zh
This skill uses the workspace's default tool permissions.
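This skill uses tshark (the Wireshark CLI) and pyshark (a Python wrapper library) to automate packet capture analysis. It extracts protocol distribution statistics, identifies suspicious network flows (port scans, beaconing, data exfiltration), extracts threat indicators (IOCs: IPs, domains, URLs), and detects DNS tunneling patterns in PCAP files.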
Automates PCAP analysis using tshark and pyshark to extract protocol stats, detect suspicious flows and DNS anomalies, and pull IOCs for security assessments and incident response.
Automates PCAP analysis using tshark and pyshark for protocol stats, top talkers, suspicious flows, DNS anomalies, and IOC extraction in security investigations.
Captures and analyzes network packets using Wireshark and tshark to identify malicious traffic patterns, diagnose protocol issues, extract artifacts, and support authorized incident response investigations.