Wireshark plugins

In this section, we'll take a look at Wireshark plugins that are available and see how to develop them.

Plugins in Wireshark are dissectors, and a dissector is the way Wireshark analyzes and takes apart a particular protocol. If Wireshark is unable to interpret the data you are capturing, you can look for additional dissectors that are already out there, or write your own.

The Wireshark wiki has a page on dissectors (https://wiki.wireshark.org/Lua/Dissectors).

It explains how, from a programmatic standpoint, you would design and create a dissector, and it goes through many of the details involved. It has great information on what a dissector does and how you'd go about creating one, but it doesn't cover the individual API details. For those, go to the Wireshark developer's guide (https://www.wireshark.org/docs/wsdg_html_chunked/).

In the Wireshark developer's guide, scroll down to the correct section. Under Wireshark Development, you'll see Packet dissection. Click on it to open that chapter.

It gives you an entire write-up on how dissection works within Wireshark and how you can expand upon it with Lua to create your own dissectors. Additionally, if you go back and go down to Section 11, you'll find the entire Wireshark Lua API Reference Manual.

If you happen to know Lua and you're programming your own dissector, you now know where to reference the appropriate APIs.
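
As an added illustration (not code from this book or from the Wireshark project), the following Lua script shows the shape of a dissector built with those APIs. The "DEMO" protocol, its field layout, and UDP port 47000 are invented for the example; the dissector checks the declared payload length against the bytes actually captured before reading the payload.

```lua
-- Added example: dissector for a hypothetical "DEMO" protocol (not a real protocol).
-- Assumed layout: version (1 byte) | type (1 byte) | payload length (2 bytes, big-endian) | payload
local demo = Proto("demo", "Demo Protocol (constructed example)")

local msg_types = { [1] = "Request", [2] = "Response", [3] = "Error" }

local f_version = ProtoField.uint8("demo.version", "Version", base.DEC)
local f_type    = ProtoField.uint8("demo.type", "Message Type", base.DEC, msg_types)
local f_length  = ProtoField.uint16("demo.length", "Payload Length", base.DEC)
local f_payload = ProtoField.bytes("demo.payload", "Payload")
demo.fields = { f_version, f_type, f_length, f_payload }

-- Expert info lets an analyst filter for malformed packets with "demo.malformed".
local e_badlen = ProtoExpert.new("demo.malformed", "Declared length does not match captured data",
                                 expert.group.MALFORMED, expert.severity.ERROR)
demo.experts = { e_badlen }

local HEADER_LEN = 4

function demo.dissector(buffer, pinfo, tree)
    -- Too short to hold a header: return 0 so Wireshark treats it as "not this protocol".
    if buffer:len() < HEADER_LEN then return 0 end

    pinfo.cols.protocol = "DEMO"
    local subtree = tree:add(demo, buffer(), "Demo Protocol")
    subtree:add(f_version, buffer(0, 1))
    subtree:add(f_type, buffer(1, 1))
    local len_item = subtree:add(f_length, buffer(2, 2))

    local declared  = buffer(2, 2):uint()
    local available = buffer:len() - HEADER_LEN
    -- Never trust the length field: flag a mismatch and read only bytes that are present.
    if declared ~= available then
        len_item:add_proto_expert_info(e_badlen)
    end
    local take = math.min(declared, available)
    if take > 0 then
        subtree:add(f_payload, buffer(HEADER_LEN, take))
    end
    local type_name = msg_types[buffer(1, 1):uint()] or "Unknown"
    pinfo.cols.info = string.format("%s, %d payload bytes", type_name, take)
    return HEADER_LEN + take
end

-- Port 47000 is an arbitrary choice for this example.
DissectorTable.get("udp.port"):add(47000, demo)
```

Load it with `wireshark -X lua_script:demo.lua` (the file name is assumed) or place it in your personal Lua plugins directory.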
