A collection of useful wireshark/tshark plugins
*Plugins directly included in this repo have been tested and verified as functioning.
If they are available on GitHub, they are included as submodules. Others have been copied from the sources cited below.
| PLUGIN | SOURCE |
|---|---|
| 1905.1 Protocol Dissector | sourceforge.net |
| Microsoft Lync / Skype for Business Plugin | Microsoft |
| MPEG2 Transport Stream Packets Dump | Cisco |
| TCP Statistics | wiki.wireshark.org |
Disclaimer: plugins listed below have not been tested!
**Denotes that plugin was written in a language other than Lua.
| PLUGIN | DESCRIPTION |
|---|---|
| Aerospike Plugin | Plugin to interpret Aerospike wire protocol |
| amos-ss16-proj3 | Plugin for monitoring DoIP network traffic |
| Cap'n Proto RPC protocol dissector | Cap'n Proto RPC protocol dissector custom plugin by Kaos |
| CITP-Dissector | Wireshark CITP Lua Dissector |
| Cloudshark Plugin | Upload captures directly to CloudShark from Wireshark |
| h264extractor | Extract H.264 or opus stream from rtp packets |
| HEP Wireshark | Wireshark Dissector for the HEP Encapsulation Protocol |
| KDNET Debugger | Windows Kernel Debugger over Network |
| KSNIFF | Kubectl plugin to ease sniffing on Kubernetes pods using tcpdump and Wireshark |
| MQTT Dissector | Authorizes Wireshark to identify and display clearly MQTT messages decoding fixed and variable header |
| protobuf dissector | Lua plugin for decoding Google protobuf packets |
| Pyreshark** | Provides a simple interface for writing dissectors in Python |
| RFC8450 VC2 Dissector | Wireshark plugin to parse RTP streams implementing the VC-2 HQ payload specification |
| RSocket | Wireshark/tshark Plugin in C for RSocket & supports all RSocket frames, except resumption |
| RTP Video and Audio Dissector Wireshark Plugin | Wireshark plugin for H.265, H.264, PS, PCM, AMR, and SILK Codecs by hongch911 |
| SAP Dissector Plugin for Wireshark | Provides dissection of SAP's NI, Message Server, Router, Diag, Enqueue, IGS, SNC and HDB protocols |
| STOMP Dissector | STOMP dissector for Wireshark |
| suriwire | Displays Suricata analysis info |
| Wireshark DLMS | Dissects DLMS APDUs in HDLC frames, IEC 61334-4-32 frames, wrapper frames, or raw data |
| Wireshark Plugin AFDX | AFDX protocol dissector for Wireshark |
| WiresharkLIFXDissector | Dissects packets of the LIFX LAN Protocol |
