Published: 2024-06-03
Last Updated: 2024-06-03 11:00:11 UTC
by Didier Stevens (Version: 1)

I developed a Wireshark dissector in Lua to parse binary protocols (over TCP) that are composed of fields with fixed lengths. I got this idea while taking a SANS ICS training: for protocol reversing, it would be useful to have a dissector where I can configure the fields (length, type, name, ...). As an exam