If you want to extract the tcp payload of a set of packets (A tcp stream for example) Below command comes handy.
tshark -r test.pcap -2 -R"tcp.port==444" -T fields -e data | tr -d '\n' | xxd -r -p > layer7_data
xxd converts ASCII hex to binary.
tshark -r test.pcap -2 -R"tcp.port==444" -T fields -e data | tr -d '\n' | xxd -r -p > layer7_data
xxd converts ASCII hex to binary.
