networking
by kiwamizamurai
CTF (Capture The Flag) learning workspace with writeups and solution scripts
⭐ 1 🍴 0 📅 Jan 22, 2026
SKILL.md
name: networking
description: Analyzes network traffic and exploits protocols. Use when working with PCAP files, Wireshark captures, packet analysis, protocol exploitation, traffic forensics, or data exfiltration detection.
allowed-tools: Bash, Read, Write, Grep, Glob
Networking Skill
Quick Workflow
Progress:
- [ ] Get protocol overview (tshark -z io,phs)
- [ ] Search strings for flag pattern
- [ ] Export HTTP/SMB objects
- [ ] Follow interesting streams
- [ ] Check for credentials/exfiltration
- [ ] Extract flag
Quick Analysis Pipeline
```bash
# 1. Basic info
capinfos capture.pcap
file capture.pcap

# 2. Protocol hierarchy (-q suppresses the per-packet listing)
tshark -r capture.pcap -q -z io,phs

# 3. Conversations
tshark -r capture.pcap -q -z conv,tcp

# 4. Quick string search
strings capture.pcap | grep -i flag
# The search string must be quoted inside the display filter
tshark -r capture.pcap -Y 'frame contains "flag"'
```
Reference Files
| Topic | Reference |
|---|---|
| Wireshark Filters & tshark | reference/wireshark.md |
| Protocol Analysis (HTTP, DNS, FTP, etc.) | reference/protocols.md |
| CTF Patterns & Attacks | reference/ctf-patterns.md |
Tools Quick Reference
| Tool | Purpose | Install |
|---|---|---|
| Wireshark | GUI packet analysis | brew install wireshark |
| tshark | CLI packet analysis | brew install wireshark |
| tcpdump | Packet capture | Built-in |
| tcpflow | TCP stream extraction | brew install tcpflow |
| nmap | Port scanning | brew install nmap |
| masscan | Fast port scanning | brew install masscan |
| scapy | Packet manipulation | pip install scapy |
Scapy Quick Reference
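```python
from scapy.all import rdpcap, TCP, Raw

# Read PCAP
packets = rdpcap('capture.pcap')

# Filter packets: TCP traffic sent to port 80
http_packets = [p for p in packets if TCP in p and p[TCP].dport == 80]

# Extract data: print the raw payload of every packet that carries one
for p in packets:
    if Raw in p:
        print(p[Raw].load)
```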
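A string search over the raw file, or a loop over individual payloads, misses a flag whose bytes are split across TCP segments or captured out of order. The following added example (not part of the original SKILL.md) uses only the Python standard library to reorder each flow by sequence number before searching; the `flag{...}` format, the function names and the sample capture are assumptions constructed for illustration.

```python
import re
import struct
from collections import defaultdict

FLAG_RE = re.compile(rb"flag\{[^}]{1,64}\}", re.I)  # assumed flag format

def tcp_segments(pcap):
    """Yield (flow, seq, payload) per Ethernet/IPv4/TCP frame of a classic pcap."""
    endian = "<" if pcap[:4] == b"\xd4\xc3\xb2\xa1" else ">"
    off = 24  # skip the global header
    while off + 16 <= len(pcap):
        incl = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue
        ihl = (frame[14] & 0x0F) * 4
        total = struct.unpack("!H", frame[16:18])[0]
        tcp = frame[14 + ihl:14 + total]
        if len(tcp) < 20:
            continue  # truncated TCP header
        sport, dport, seq = struct.unpack("!HHI", tcp[:8])
        payload = tcp[(tcp[12] >> 4) * 4:]
        if payload:
            yield (frame[26:30], sport, frame[30:34], dport), seq, payload

def find_flags(pcap):
    """Rebuild each flow in sequence order (no wraparound or gap handling) and search."""
    flows = defaultdict(dict)
    for flow, seq, data in tcp_segments(pcap):
        flows[flow].setdefault(seq, data)  # first copy wins; retransmissions dropped
    hits = []
    for segs in flows.values():
        stream = b"".join(segs[s] for s in sorted(segs))
        hits += [m.group().decode() for m in FLAG_RE.finditer(stream)]
    return hits

def _frame(seq, payload):
    """Constructed test frame: 10.0.0.1:40000 -> 10.0.0.2:80, checksums left zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, seq, 0, 0x50, 0x18, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload

def sample_pcap():
    """Constructed capture: one flag split over three segments stored out of order."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for seq, data in [(1005, b"g{split_acr"), (1016, b"oss_segs}\n"), (1000, b"x=fla")]:
        f = _frame(seq, data)
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out
```

Calling `find_flags(sample_pcap())` recovers the flag even though no single packet, and no contiguous run of bytes in the file, contains the word "flag".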
Score
Total Score
55/100
Based on repository quality metrics
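✓SKILL.md
Includes a SKILL.md file
+20
○LICENSE
A license is set
0/10
○Description
Description is at least 100 characters long
0/10
○Popularity
100 or more GitHub stars
0/15
✓Recent activity
Updated within the last month
+10
○Forks
Forked 10 or more times
0/5
✓Issue management
Fewer than 50 open issues
+5
✓Language
A programming language is set
+5
✓Tags
At least one tag is set
+5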
