tcpdump Ref bởi Libor Benes (Dr. B)

tcpdump Ref provides instant, offline access to the essential command-line options and practical examples of tcpdump.

tcpdump is the classic packet analyzer used for capturing, displaying, and filtering network traffic on Linux, macOS, BSD, and other platforms.tcpdump, maintained by The Tcpdump Group (tcpdump.org), reads packets via libpcap, supports rich BPF expressions, verbose protocol decoding, hex/ASCII dumps, file rotation, IPsec decryption, monitor mode, and more. As of March 2026, development continues toward tcpdump version 5.0 with ongoing updates.

Content Coverage:
• Interface & Capture Control: -i, -D, -p, -s, -I, -j, --immediate-mode, etc.
• Output & Verbosity: -n/-nn, -v/-vv/-vvv, -A/-x/-X, -e, -q, --lengths, etc.
• File & Rotation: -w/-r, -C/-G/-W, -z, -U, etc.
• Timestamps: -t/-tt/-ttt/-tttt/-ttttt, --time-stamp-precision
• Advanced & Misc: -c, -l, -T, -Q, -F, -O, -K, --skip, etc.
• Decryption & Security: -E (ESP), -M (TCP-MD5)
• Common BPF Helpers: host, port, src/dst, tcp/udp/icmp, vlan, and/or/not, etc.
• Practical Examples: basic capture, HTTP/HTTPS, DNS, ICMP, save/rotate, SYN scans, no promiscuous, hex/ASCII dumps, exclude filters, etc.

Target Audience:
• Penetration Testers & Red Teamers.
• Network Engineers & Administrators.
• Security Researchers & Incident Responders.
• Cybersecurity Students & CTF Players.
• DevOps/SRE troubleshooting network issues.

Use Cases:
• Quick syntax recall during live captures or pcap analysis.
• Building complex BPF filters on the fly.
• Saving/rotating captures without buffer drops.
• Debugging with verbose/hex output.
• Capturing specific protocols (HTTP, DNS, ICMP) or directions.
• Learning tcpdump as a Wireshark companion or CLI alternative Extension.

Features:
• 55 curated options/flags with descriptions.
• Dynamic client-side search (flags, descriptions, categories, examples).
• Collapsible categories with 20 examples.
• One-click copy to clipboard for commands.
• Fully responsive sidebar design.
• Zero network activity, 100% offline.

Security & Privacy First:
• Only clipboardWrite permission (for copy buttons).
• No data collection – explicitly declared in manifest (Mozilla format).
• No telemetry, no external requests, no third-party code.
• Safe DOM construction (createElement / textContent / createTextNode).
• Manifest v2 compliant.
• Flat file structure, minimal code.

Technical Specs:
• Compatibility: Firefox 140.0+ (64-bit desktop).
• Runtime Execution RAM Footprint: ~15 KB (manifest.json + sidebar.html + sidebar.css + sidebar.js + data.js).
• Total Extension Download/Install Size: ~35 KB (including README.md).
• Performance: Instant load, no lag.
• Responsive search.
• Testing: Verified on Firefox 148.0.2.
• Instant load & interaction.

Whether you're sniffing traffic for anomalies, validating firewall rules, analyzing protocol behavior, or teaching network fundamentals, tcpdump Ref puts comprehensive tcpdump knowledge right beside your browser workflow – fast, private, and secure.