> > > As far as CLI tools go, sorry, I'm not sure what's available. Never had > > a need to look into those. >
tcpdump is the most common CLI tool. Handy if you want to capture to a file on a unix based firewall or F5 etc so you can then view it in Wireshark on your workstation. > So Wireshark is a GUI tool? > Yes. It has crypto decode for SSL if you have the private key, so it might also be possible to have it decode WPA since you have the key - RTFM to find out for sure. Depending on how the crypto works you may need to have captured the beginning of the crypto setup to be able to decode, as that's where the session key will be exchanged. Cant remember if WPA does that or not.
