diff --git a/pages/common/ngrep.md b/pages/common/ngrep.md
new file mode 100644
index 0000000000..06d4740879
--- /dev/null
+++ b/pages/common/ngrep.md
@@ -0,0 +1,23 @@
+# ngrep
+
+> Filter network traffic packets using regular expressions.
+
+- Capture traffic of all interfaces:
+
+`ngrep -d any`
+
+- Capture traffic of a specific interface:
+
+`ngrep -d {{eth0}}`
+
+- Capture traffic crossing port 22 of interface eth0:
+
+`ngrep -d {{eth0}} port {{22}}`
+
+- Capture traffic from or to a host:
+
+`ngrep host {{www.example.com}}`
+
+- Filter keyword 'User-Agent:' of interface eth0:
+
+`ngrep -d {{eth0}} '{{User-Agent:}}'`