hosting image

1 click : capture packet in windows server pcap

Mohad tech May 15, 2021

Fast Auto method :

Fast way is to use our c++ console app that we made who do the below steps ,it will get you pcap file in your Desktop.

Capture.exe already located in your desktop server you have created with us !  , you can download it here

 

Manual :

using windows pktmon ( built in windows 10 ) .

the pktmon tool allows you to display monitored packets in real-time and to convert the native ETL files to the PCAPNG format, which can be read by us to analyze the attack pattern.

Steps :
  • Open Windows Command Prompt as an administrator.
  • Go to Desktop  ( cd Desktop ).
  • start capturing ( pktmon start –etw -c ).

  • wait at least 10 seconds during the attack not more.
  • stop the packet capture ( pktmon stop ).

  • file will be generated in your desktop.
  • convert the ETL to the WireShark supported pcapng format with the following command ( pktmon pcapng PktMon.etl out.pcapng).

  • You can now open that file in wireshark and view the packet capture, share it with us !

Tags:
  • Share :

Leave a Reply

Your email address will not be published. Required fields are marked *

X
1 click : capture packet in windows server pcap

Far far away, behind the word moun tains, far from the countries Vokalia and Consonantia, there live the blind texts. Separated they live in Bookmarksgrove right at the coast of

  • 759 Pinewood Avenue

    Marquette, Michigan

  • [email protected]

    Online Support

  • 906-624-2565

    Mon-Fri 8am-5pm
Purchase Now