How to use tcpdump on Windows: this article discusses how to use tcpdump on Windows.
Prerequisites for capturing packets on Windows:
- WinDump – the Windows version of tcpdump.
- WinPcap – allows applications to capture and transmit network packets.
- Wireshark – needed to open the pcap file.
Find below the link to download WinDump:
Find below the link to download WinPcap:
Find below the link to download Wireshark:
Step 1: Download and install the above software.
Step 2: Open a Command Prompt with administrator rights and go to the folder where WinDump is located.
In our scenario, the WinDump location is C:\User\Irshad\Desktop\temp
Step 3: First determine the ID of the Network Interface Card (NIC). The following command lists the set of NICs:
Step 4: Type the command below.
- -i is the interface number (i.e. 1)
- -q is quiet mode
- -w – Write – writes the captured packets to a file
- -r – Read – shows a saved capture on the console window
- path is where you want to save the capture file.
Now change the file name extension to .pcap and open the file with Wireshark.
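The commands for steps 2 to 4, written out as an added example that is not from the original article. It assumes windump.exe sits in the folder named above and that interface 1 is the NIC to monitor; capture.pcap is a hypothetical file name.

```bat
rem Added example, not from the original article.
rem Run from a Command Prompt opened with administrator rights.

rem Step 2: go to the folder that contains windump.exe (path from the article).
cd /d C:\User\Irshad\Desktop\temp

rem Step 3: list the capture interfaces together with their numbers.
windump -D

rem Step 4: capture quietly on interface 1 and write the raw packets to a file.
rem Naming the file .pcap up front avoids renaming it afterwards.
rem Press Ctrl+C to stop the capture.
windump -i 1 -q -w capture.pcap

rem Variant: -s 0 captures whole packets (older tcpdump-based builds truncate
rem each packet by default) and -c 1000 stops after 1000 packets, so the
rem capture file cannot grow without limit.
windump -i 1 -q -s 0 -c 1000 -w capture.pcap

rem Read the saved capture back on the console; -n skips name resolution.
windump -n -q -r capture.pcap
```

A file written with -w contains raw packets rather than text, which is why it is read back with -r or opened in Wireshark.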