
Free Tool

TCPDump & Wireshark Cheatsheet Generator

Select your use case, customize the parameters, and get ready-to-use tcpdump commands and Wireshark filters with step-by-step workflow instructions.

Select a Scenario

Detect SYN Flood
Capture DNS Traffic
Filter by IP Range
Analyze HTTP Traffic
Detect UDP Flood
Monitor NTP Amplification
Inspect TLS Handshakes
Track ICMP / Ping
Detect Port Scans
Capture VLAN Traffic
Monitor BGP Sessions
Analyze Memcached Amplification
Custom Scenario


Why Use a Capture Cheatsheet?

Network packet capture is the foundation of traffic analysis and DDoS forensics. TCPDump and Wireshark are the two most widely used tools for this purpose, but remembering the exact syntax for every scenario can be difficult. This cheatsheet generator gives you accurate, ready-to-use commands tailored to your specific situation, whether you are investigating a SYN flood, analyzing DNS amplification, or tracing TLS handshake issues.

Each generated cheatsheet includes multiple command variations so you can choose between quick terminal analysis with tcpdump and deep packet inspection in Wireshark. The combined workflow section ties both tools together into a practical investigation procedure.

From Manual Capture to Automated Detection

While tcpdump and Wireshark are invaluable for manual investigation and post-incident forensics, they require an engineer to be actively watching. Flowtriq automates the detection side of this equation. Every pattern you would search for manually, such as SYN flood signatures, DNS amplification spikes, and anomalous packet rates, is monitored continuously in real time across all your nodes with 1-second detection granularity.

Automate What You Capture Manually

Flowtriq detects DDoS attacks in 1 second. No tcpdump required.
