TL;DR: Wireshark filters, tshark scripting, follow-stream, extract-objects. Reconstruct files and exploit chains from packets.
Stub — to be filled in.
What it is
TODO
Preconditions / where it applies
TODO
Technique
TODO
Detection and defence
TODO
References