pcap-analyzer
Analyze local PCAP/PCAPNG files with tshark to generate detailed network forensics reports including talkers, ports, DNS, TLS, HTTP, and anomaly summaries.
Install via ClawdBot CLI:
clawdbot install marposins/pcap-analyzer
Grade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Calls external URL not in known-safe list
https://www.wireshark.org/docs/man-pages/tshark.html
Audited Apr 17, 2026 · audit v1.0
Generated Mar 1, 2026
Security analysts use this skill to quickly assess a suspicious PCAP file after a network breach alert, identifying top talkers, anomalous traffic patterns like port scans or beaconing, and extracting indicators such as DNS queries and TLS fingerprints for further investigation.
Students or trainees in cybersecurity certification programs (e.g., CPENT) apply this skill to analyze provided PCAP files, learning to interpret network conversations, service usage, and anomaly detection in a controlled, educational environment without modifying original data.
IT auditors leverage this skill to examine network traffic captures from organizational systems, verifying compliance with policies by summarizing traffic patterns, identifying unauthorized services or ports, and flagging potential data exfiltration attempts in a read-only manner.
Malware researchers analyze PCAP files from sandboxed environments to understand command-and-control communications, extract DNS queries for domain blacklisting, and detect TLS fingerprints associated with malicious payloads, aiding in threat intelligence gathering.
Network engineers use this skill to diagnose issues in captured traffic, identifying retransmission bursts, excessive RSTs, or unusual port activity that may indicate configuration errors or hardware failures, focusing on specific hosts or time windows as needed.
Offer a basic version of this skill for free to individual users or small teams, with premium features like advanced anomaly detection or integration with SIEM systems available via subscription, generating revenue from enterprise customers seeking enhanced network forensics capabilities.
Cybersecurity consulting firms bundle this skill as part of their incident response or audit packages, using it to provide clients with quick, structured reports from PCAP analysis, thereby increasing service value and enabling upselling for deeper investigations.
Integrate this skill into online cybersecurity training platforms or virtual labs, where students pay for access to hands-on exercises involving PCAP analysis, driving revenue through course enrollments or platform licensing agreements with educational institutions.
💬 Integration Tip
Ensure tshark and required binaries are installed on the system; for optimal use, provide clear paths to PCAP files and consider setting focus_host to narrow analysis in large captures.
Scored Apr 19, 2026