competition-pcap-protocol
CommunityRebuild sessions, decode protocols, link evidence.
Data & Analytics#forensics#pcap#network-analysis#session-reconstruction#artifact-extraction#protocol-decoding
Authorxjtu-wang
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This skill helps analysts reconstruct network sessions from PCAP captures, decode application-layer protocols, and tie observed packet sequences to host or malware behavior, enabling precise challenge-solving and evidence linking.
Core Features & Use Cases
- Reconstruct TCP/UDP sessions from PCAP files and align related streams for coherent analysis.
- Decode common protocols (HTTP, WebSocket, DNS, and custom C2) and map payloads to behavior or artifacts.
- Correlate packet-level evidence with host activity and challenge paths after sandbox context is established.
- Support downstream orchestration via
$ctf-sandbox-orchestratorto ensure environment consistency.
Quick Start
Run this skill after the $ctf-sandbox-orchestrator is active to reconstruct PCAP sessions, decode application protocols, and link packet evidence to the challenge behavior.
Dependency Matrix
Required Modules
None requiredComponents
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: competition-pcap-protocol Download link: https://github.com/xjtu-wang/DigAgent/archive/main.zip#competition-pcap-protocol Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.