Packet Monitor
pktmon
- C:\Windows\system32\PktMon.exe /?

Output:

```
pktmon <command> [OPTIONS | help]
    Advanced packet capture and event collection.

Commands
    filter     Manage packet filters.
    list       List packet processing components.
    start      Start packet capture and event collection.
    stop       Stop data collection.
    status     Query current status.
    unload     Unload PktMon driver.
    counters   Display current packet counters.
    reset      Reset packet counters to zero.
    etl2txt    Convert log file to text format.
    etl2pcap   Convert log file to pcapng format.
    hex2pkt    Decode packet in hexadecimal format.
    help       Show help text for specific command.
               Example: pktmon start help
```

Return Code: 0

C:\Windows\system32\PktMon.exe

```
c:\>ver
Microsoft Windows [Version 10.0.19045.2075]
```

| File | Info |
|---|---|
| File Size | 681272 bytes |
| Creation Time | 2022/07/08 08:50:36 |
| LastWrite Time | 2022/07/08 08:50:36 |
| ProductVersion | 10.0.19041.1889 |
| FileVersion | 10.0.19041.1889 (WinBuild.160101.0800) |
| Hash | Value |
|---|---|
| MD5 | 478018d0678600fa89bd62e1818412a4 |
| SHA1 | de9fd408bb340aa30169c8fb0cf47d20ac4e4bdb |
| SHA224 | 62be56909a3eae8aecb3b46128468dedf00acff84f546f15a7e13d02 |
| SHA256 | d7a5e957eff4dce4712c0d9e9d465d803ebf47401dd1ab3bb5ddcdbd15d02c90 |
| SHA384 | 00f2634d5a4fae287be173313343b6d6ef843349ee266ee044adc8ee0e01b4f8263fbb93233c78556cd48d409edfd8fe |
| SHA512 | a072b240bdd7d8886bd391d3d844e19087f02ed026299800e85a838168c59e62ad6a3bdfc1c60cafa9c884432761eef36b32ae7656796ce35bbc5e1ee604bb99 |