This is a comprehensive PCAP analysis reference that covers the full forensics workflow, from repairing corrupted captures to extracting credentials and detecting covert channels. You get battle-tested Wireshark filters, protocol-specific analysis techniques for HTTP/DNS/FTP/SMTP/USB/WiFi, and practical tshark command lines for scripting. The USB HID keyboard decoding section and DNS tunneling detection heuristics are especially useful since those patterns aren't obvious from documentation alone. Load this when you're analyzing network captures for CTFs, incident response, or malware traffic analysis. It's structured as a quick reference rather than a tutorial, so you can jump straight to the protocol or technique you need.
npx skills add https://github.com/yaklang/hack-skills --skill traffic-analysis-pcap