我想知道wireshark是否有办法重建完整的TCP会话(HTML页面),如果我们有wireshark pcaps,wireshark可以重建吗?还是有任何工具可以做重建?从源文件传输的数据可以被压缩(Gzip)或未压缩,重建的最终结果应该是一个有效的完整HTML页面及其所有内容。
使用。它基于justniffer,它是重建tcp流的优秀工具。
I wonder if there is a way in wireshark to reconstruct a complete TCP Session (HTML page(s)) if we have wireshark pcaps, can wireshark do the reconstruction? or is there any tool around that can do the reconstruction? Data streamed from a source could be compressed(Gzip) or uncompressed and the end result of reconstruction should be a valid complete HTML page with all of its contents.
Use justniffer-grab-http-traffic .It is based on justniffer and it is an excellent tool for rebuilding tcp streams.
这篇关于从WireShark pcaps完整重构TCP会话(HTML页面),任何工具都可以使用它?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!