2.3 tcpdump
Tcpdump is a command-line tool that can be used to capture traffic being sent over a network. This allowed us to see packets being sent and received by target machines as well as group networks, and then view the packet headers and contents that were being transmitted. Tcpdump was great because of the verbosity and configurations that you could apply while capturing traffic. Having a command-line tool was useful since the majority of us used SSH to access Kali. We used tcpdump to see whether traffic was being sent to a specific host, as well as what type of traffic it was and whether it contained any useful information.