Day 50 with THM – TCPdump Win
After a few brain fog days, I struggled hard with the TCPdump room. But finally managed to focus today and worked through it.
I understood some essential commands — made a few mistakes, but didn’t rely on Google this time. Wrote things down in my notepad, tried them out, and solved it step by step.
Commands I used in the THM TCPdump room:
    tcpdump -i any -nn port 80
    tcpdump -i eth0 'tcp and port 443'
    tcpdump -r traffic.pcap 'icmp'
Also explored filtering, advanced filters, and flags like -q, -X, -xx, -A, -e.
Feeling a bit more confident with TCPdump now.