NETCAP
OverviewGitHubHomepageGoDoc
v0.4.1
v0.4.1
  • Overview
  • Protocol Support
  • Specification
  • Installation
  • Quickstart
  • Packet Collection
  • Audit Record Labeling
  • HTTP Proxy
  • USB Capture
  • Payload Capture
  • Distributed Collection
  • Workers
  • Filtering and Export
  • Downloads
  • Internals
  • Metrics
  • Python Integration
  • FAQ
  • Extension
  • Contributing
  • License
Powered by GitBook
On this page

Payload Capture

Capture full packet payloads

It is now possible to capture payload data for the following protocols: TCP, UDP, ModbusTCP, USB

This can be enabled with the -payload flag:

$ net.cap -r traffic.pcap -payload

Setting the flag works for both live and offlline capture, afterwards the raw payload bytes are stored in the Payload field of the audit records.

PreviousUSB CaptureNextDistributed Collection

Last updated 5 years ago