Comment by colechristensen
11 hours ago
Recently I discovered you can use an android device as a live remote capture device for bluetooth and Internet captures and iOS for Internet captures.
Not creating a capture and then downloading it, actual real time network captures.
You can do this with any capture device if you pipe the output to a FIFO handle and open it in wireshark. It can be a bit janky and you’re usually better off using the GUI configs when they’re available. But it gives you a bunch of flexibility to do things like “capture tcpdump in a docker exec in an SSH session on a remote host” [0].
[0] https://gist.github.com/milesrichardson/fcec8c6d54a21845dd9f...