Packet analyzer specializing in TCP analysis.

Learn more
Hide text
TcpShark is CLI utility which uses Wireshark as an analysis engine.

We cannot investigate a network trouble packets without analyzing packets. However, even with Wireshark, it requires craftsmanship and experience to analyze large amount and more comprex TCP streams.
This utility graphically displays the packet flow on a TCP stream. Thereby, it easy for anyone to understand the end-to-end data flow.
I'm sure that TcpShark help your troubleshooting as a complementary utility to Wireshark.


  • Unique format
  • Data size, window size, and SEQ/ACK number are displayed in an well-ordered column. So, you become easier to read the tendency / change in each field of TCP header.

  • Intuitive design
  • Packet direction, TCP flags (e.g. SYN, RST) and analysis information (e.g. packet loss, retransmission) are displayed with coloured lettering. So, you become easier to notice abnormalities even in a large amount of captured data.

  • Customizable
  • Various protocol fields supported by Wireshark (e.g. HTTP request URI, HTTP status code) can be display optionally. So, you can analyze in association with protocol information other than TCP.


  1. Downloads the file 'tcpshark.txt' from the link below.
  2. Removes extension '.txt' from the filename.
  3. Sets up with reference to


  • list mode
  • Lists the TCP streams with in capture data.
  • flow mode
  • Displays the TCP stream specified by identifier (Index in list mode).
  • one mode
  • Displays the TCP packet specified by frame number (No. in flow mode).
  • Analysis information
  • Displays the TCP analysis information (e.g. packet loss, duplicate ack) supported by Wireshark with coloured lettering.
image1 image1
  • Custom field
  • Displays any field (e.g. TCP RTT) additionaly.
image1 image1
Hide text

HomePage      Dwonload      GitHub
TcpShark runs on terminal in Linux/Solaris/macOS/Windows.