Are you in a situation where you need to capture and analyze network traffic, but don’t have Wireshark or TCPDump at your disposal? Don’t worry, there’s still a solution. Enter pktmon.
While it may not be the most sophisticated tool out there, pktmon is a viable option for monitoring traffic in real-time. With its lightweight and efficient design, you can quickly capture and analyze packets without the need for any additional software installations.
So, how exactly does pktmon work? It uses the Windows Filtering Platform (WFP) to capture network traffic at the packet level. This allows you to examine specific details about each packet, such as its source and destination address, protocol, and payload.
But what makes pktmon really stand out is its ability to filter traffic based on specific criteria. For example, you can use it to only capture traffic from a specific IP address, port, or protocol. This makes it a powerful tool for troubleshooting network issues or identifying potential security threats.
While pktmon may not be the most robust traffic monitoring tool out there, it’s certainly a valuable option to have in your arsenal, and it’s already installed. So the next time you find yourself in need of capturing and analyzing network traffic, give pktmon a try – you might just be surprised by what it can do.
#start the traffic capture
pktmon start -c
#stop the traffic capture
pktmon stop
#convert the file so you can view it in notepad
pktmon etl2txt <etl file>
Nvidia is always a pain in the ass on Linux, especially with an old white 2010 MacBook. I have black screen issues every time, so I created this article so I can easily find it when I reinstall this laptop.
First find the right identifiers.
We need both the IDs for the graphics card and the PCI-E bridge that it is connected to. Issue the following command in a shell:
Have a look at (1) the line saying display and (2) the line with bridge right before that display line. Write down the PCI-E bus ids (format XX:YY.Z) of the bridge device (here 00:17.0) and the display device (here 04:00.0) and remember which is which. Note: Those IDs may be different on your machine, depending on your Mac model and revision.
Create a GRUB script for setting the PCI-E registers during boot
Fire up a text editor with sudo nano /etc/grub.d/01_enable_vga.conf and copy/paste the content below. Make sure to paste all 4 lines into that file! Replace 00:17.0 with the PCI-E ID of your bridge device noted in step 1. Replace 04:00.0 with the PCI-E ID of your display device noted in step 1.
To automate some tasks with PowerShell on a website you sometimes need to log in. Today I tried some curl and Postman tricks, but it isn’t hard if you know what to script with PowerShell and bypass all other tools.
First, find a website to log in to, then check the page source and what the submit button does. In this example, it is “Inloggen” (Dutch for login).
Then start the developer tools (F12), select the network tab, enter the credentials and login.
Now check the POST request in the developer tools.
Open the website and find out what the __RequestVerificationToken must be
Create a body with the credentials, the login form submit and the __RequestVerificationToken
Do the actual login and save the web session (cookies and stuff).
Now we can use the previous web session to check all the backend stuff
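The four steps above in one script, as an added example that is not the post's original code. `$LoginUri` and `$BackendUri` are the names the post uses; the example.test URLs and the form field names `Username`, `Password` and `Submit` are placeholders to replace with what the POST request in the developer tools shows.

```powershell
# Added example. URLs and form field names are placeholders (assumptions):
# copy the real ones from the POST request shown in the browser's developer tools.
$LoginUri   = 'https://example.test/Account/Login'    # placeholder
$BackendUri = 'https://example.test/Backend/Overview' # placeholder

# Refuse to send credentials over plain HTTP.
if (([uri]$LoginUri).Scheme -ne 'https') { throw "Login URI is not HTTPS: $LoginUri" }

# Prompt for the credentials instead of storing a password in the script.
$Credential = Get-Credential

# 1. Open the login page. -SessionVariable creates $Session, which keeps the
#    cookies (including the anti-forgery cookie that pairs with the form token).
$LoginPage = Invoke-WebRequest -Uri $LoginUri -SessionVariable Session -UseBasicParsing

# 2. Read the hidden __RequestVerificationToken field from the login form.
$Token = ($LoginPage.InputFields |
    Where-Object { $_.name -eq '__RequestVerificationToken' } |
    Select-Object -First 1).value
if (-not $Token) { throw 'No __RequestVerificationToken found on the login page.' }

# 3. Build the body: credentials, the submit button and the token.
#    'Username', 'Password' and 'Submit' are assumed field names.
$Body = @{
    'Username'                   = $Credential.UserName
    'Password'                   = $Credential.GetNetworkCredential().Password
    'Submit'                     = 'Inloggen'
    '__RequestVerificationToken' = $Token
}

# 4. Do the login with the same session, so the cookie and the form token match.
$Login = Invoke-WebRequest -Uri $LoginUri -Method Post -Body $Body `
    -WebSession $Session -UseBasicParsing

# Heuristic: many sites answer a failed login with HTTP 200 and the form again.
if ($Login.InputFields | Where-Object { $_.type -eq 'password' }) {
    throw 'Response still contains a password field; the login probably failed.'
}

# 5. Reuse the authenticated session for the backend page.
$Backend = Invoke-WebRequest -Uri $BackendUri -WebSession $Session -UseBasicParsing
"{0} returned HTTP {1}, {2} characters" -f $BackendUri, $Backend.StatusCode, $Backend.Content.Length
```

`$Session` holds the authenticated cookies, so treat it like the password itself and do not export it to disk or logs.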
Edit: 10-5-2024
In the comments I get 2 questions from Laerte Junior:
How do I get the $LoginUri
How do I get the $BackendUri
Let's start with the first one. In this example I use Firefox and the zwemscore example
Press F12 (Developers Options)
Now log in to the website and check the POST URL (right click copy)
and you get the $LoginUri
When you do a successful login you can see all the backend URIs. In my case “Les Inhalen” was the one I want to scrape the data from. So I click “Les Inhalen”
And I get the $BackendUri
Now run the first 3 lines from the script in PowerShell
My use case for a customer was to configure WSUS for a couple of DMZ servers. The DMZ servers are not domain-joined, so I created a PowerShell script to configure the registry so I can easily deploy the settings to the servers.
You can also use this script for non domain-joined servers