# Standards - Network Packet Capture Analysis

## Standards

- NIST SP 800-86: Guide to Integrating Forensic Techniques
- RFC 791 (IP), RFC 793 (TCP), RFC 768 (UDP)
- PCAP file format: https://wiki.wireshark.org/Development/LibpcapFileFormat
- PCAPNG format: https://pcapng.com/

## Tools

- Wireshark: GUI packet analyzer
- tshark: Command-line packet analyzer
- tcpdump: Packet capture utility
- Scapy (Python): Packet manipulation library
- Zeek (Bro): Network security monitoring
- NetworkMiner: Network forensic analysis tool