pktmon

Packet Monitor

  • C:\Windows\system32\PktMon.exe /?

Output:

pktmon <command> [OPTIONS | help]
    Advanced packet capture and event collection.

Commands
    filter     Manage packet filters.
    list       List packet processing components.

    start      Start packet capture and event collection.
    stop       Stop data collection.
    status     Query current status.
    unload     Unload PktMon driver.

    counters   Display current packet counters.
    reset      Reset packet counters to zero.

    etl2txt    Convert log file to text format.
    etl2pcap   Convert log file to pcapng format.
    hex2pkt    Decode packet in hexadecimal format.

    help       Show help text for specific command.
               Example: pktmon start help

Return Code: 0


C:\Windows\system32\PktMon.exe
c:\>ver
Microsoft Windows [Version 10.0.19045.2075]
FileInfo

  • File Size: 681272 bytes
  • Creation Time: 2022/07/08 08:48:58
  • LastWrite Time: 2022/07/08 08:48:58
  • ProductVersion: 10.0.19041.906
  • FileVersion: 10.0.19041.906 (WinBuild.160101.0800)