Hi rk3y.
How to analyze specific stations?
That depends on the depth of you analysis. For a simple analysis run:
hcxdumptool -> hcxpcaptool -T trafficlist *.cap
Result is a list, containig simple network relationships (european date : timestamp : mac_sta : mac_ap : essid)
Then use simple bash commands to filter the requiered informations (cat, grep , tail, head, awk).
To do a deep analysis, use wireshark. Wireshark contains a filter for every task, so there is no need for me to implement this to hcxtools.
BTW:
wlandump-ng and wlancap2hcx are outdated. I will remove them soon, because the depend on libpcap. Using raw sockets makes us much more flexible.
How to analyze specific stations?
That depends on the depth of you analysis. For a simple analysis run:
hcxdumptool -> hcxpcaptool -T trafficlist *.cap
Result is a list, containig simple network relationships (european date : timestamp : mac_sta : mac_ap : essid)
Then use simple bash commands to filter the requiered informations (cat, grep , tail, head, awk).
To do a deep analysis, use wireshark. Wireshark contains a filter for every task, so there is no need for me to implement this to hcxtools.
BTW:
wlandump-ng and wlancap2hcx are outdated. I will remove them soon, because the depend on libpcap. Using raw sockets makes us much more flexible.