@0xtf
Last active June 6, 2019 00:29
tcpreplay, tcprewrite and tcpdump cheat sheet
Visualization (tcpdump, tshark)
tcpdump -qns 0 -X -r file.pcap
tcpdump -qns 0 -A -r file.pcap
tcpdump -X -r file.pcap
tshark -r file.pcap -V
Packet manipulation (tcprewrite)
Port: tcprewrite --portmap=OLDPORT:NEWPORT -i in.pcap -o out.pcap
Dest IP: tcprewrite --dstipmap=OLDIP:NEWIP -i in.pcap -o out.pcap
Regardless of Dest IP: tcprewrite --dstipmap=0.0.0.0/0:NEWIP -i in.pcap -o out.pcap
Packet manipulation (tshark)
Extract based on flow: tshark -nr input.pcap -Y "tcp.stream eq 1" -w stream.pcap
Packet replay (tcpreplay)
Loop file: tcpreplay -i eth0 --loop=10 final.pcap
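A pre-replay check, as an added example that is not part of the original gist: it parses a classic pcap (Ethernet, IPv4) and reports every destination IP/port other than the one the tcprewrite step was meant to produce, so out.pcap can be verified before tcpreplay puts it on the wire. The function names, the addresses and the constructed sample capture are assumptions.

```python
import ipaddress
import struct
from collections import Counter

def pcap_destinations(data: bytes) -> Counter:
    """Count (dst_ip, dst_port) per IPv4 packet in a classic Ethernet pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic microsecond pcap (pcapng not handled)")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only link type 1 (Ethernet) is handled")
    seen, off = Counter(), 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # 14-byte Ethernet header; EtherType 0x0800 means IPv4
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue
        ihl = (frame[14] & 0x0F) * 4
        frag_offset = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        l4 = frame[14 + ihl:]
        port = None  # stays None for non-TCP/UDP and for later fragments
        if frame[23] in (6, 17) and frag_offset == 0 and len(l4) >= 4:
            port = struct.unpack("!H", l4[2:4])[0]
        seen[(str(ipaddress.IPv4Address(frame[30:34])), port)] += 1
    return seen

def unexpected_destinations(data: bytes, ip: str, port: int) -> set:
    """Destinations in the capture other than the intended replay target."""
    return {dst for dst in pcap_destinations(data) if dst != (ip, port)}

def sample_record(dst_ip: str, dst_port: int) -> bytes:
    """Constructed sample: one TCP SYN frame (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address("192.0.2.1").packed,
                     ipaddress.IPv4Address(dst_ip).packed)
    tcp = struct.pack("!HHIIBBHHH", 40000, dst_port, 0, 0, 0x50, 0x02, 1024, 0, 0)
    frame = bytes(12) + b"\x08\x00" + ip + tcp
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

# Constructed capture: two packets already rewritten, one that was missed
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
          + sample_record("192.0.2.10", 8080) + sample_record("192.0.2.10", 8080)
          + sample_record("198.51.100.7", 80))

if __name__ == "__main__":
    print(unexpected_destinations(SAMPLE, "192.0.2.10", 8080))
```

An empty set means every packet in the file is addressed to the intended target; anything else is a packet the rewrite did not cover.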