NETCAP
NETCAP
Overview
GitHub
Homepage
GoDoc
Overview
Protocol Support
Specification
Installation
Quickstart
Packet Collection
Audit Record Labeling
HTTP Proxy
USB Capture
Payload Capture
Distributed Collection
Workers
Filtering and Export
Downloads
Internals
Metrics
Python Integration
FAQ
Extension
Contributing
License
Powered by GitBook

Payload Capture

Capture full packet payloads

It is now possible to capture payload data for the following protocols: TCP, UDP, ModbusTCP, USB

This can be enabled with the -payload flag:

$ net.cap -r traffic.pcap -payload

Setting the flag works for both live and offlline capture, afterwards the raw payload bytes are stored in the Payload field of the audit records.

Previous
USB Capture
Next
Distributed Collection
Last updated 3 months ago