Wireshark captures network packets and provides an interface for analysis.
To demonstrate, begin a packet capture with Wireshark, create some network traffic, then perform some analysis.
Begin a packet capture with Wireshark. In the case of systems with multiple network adapters, selecting a particular device may be important. If unsure of what adapter to select, choose the ‘any’ option, as this combines all possible adapters in the packet capture.
Continue by creating network traffic with Netcat. To do this, create a listener, send some data to the listener, then use Wireshark to find the data.
Create a Netcat network listener on port 1337 and direct the received data to a file named received_data.txt.nc -l -p 1337 > received_data.txt
Next send some data using Netcat. This sends the contents of the plaintext.txt file to some host, 192.168.1.13, on port 1337. The listener must be started before sending data.nc 192.168.1.13 1337 < plaintext.txt
Now stop the packet capture and review the packets captured. Find the data segment of the packet with the contents of the original plaintext.txt file.
Voila