FREE Wireshark Mini Course | From Beginner to Advanced in Under 2 Hours

Motasem Hamdan
2 min read · Aug 12, 2024


In this mini course, we present the popular packet analyzer Wireshark, covering its GUI, navigation, packet analysis and dissection, data extraction and export, filter operators, and traffic analysis, finishing with scenarios inspired by cyber security CTF challenges.

Table of Contents:

  • Section One: Wireshark Basics
  • Section Two: Packet Analysis: analyzing packets of different network protocols such as HTTP, HTTPS, DNS, DHCP, ICMP, etc.
  • Section Three: Exploit Analysis
  • Section Four: Analyzing a Hacked Website
  • Section Five: RCE Detection

Course Access

Course is free and can be accessed from this link.

Some concepts that are discussed in this mini course

Packet Capturing

Packet capture refers to recording network packets as they are transmitted over a network link; packet replay refers to sending captured packets back out over the network. Packets are captured with a protocol analyzer, a process often called sniffing (and the tool a sniffer).

Traffic Analysis

Traffic Analysis is a method of intercepting, recording/monitoring, and analyzing network data and communication patterns to detect and respond to system health issues, network anomalies, and threats. The network is a rich data source, so traffic analysis is useful for security and operational matters. The operational issues cover system availability checks and measuring performance, and the security issues cover anomaly and suspicious activity detection on the network.

What is Wireshark?

Wireshark is an open-source, cross-platform network packet analyzer capable of sniffing and investigating live traffic and of inspecting saved packet captures (PCAP files). It is widely regarded as one of the best packet analysis tools available.

Comparison Operators in Wireshark
Each comparison operator has a word form and a symbolic form; a display filter accepts either:

  • eq or ==   equal
  • ne or !=   not equal
  • gt or >    greater than
  • lt or <    less than
  • ge or >=   greater than or equal
  • le or <=   less than or equal


"contains": searches for a value inside a packet field. It is case-sensitive (for a case-insensitive search use the regex operator "matches" with a "(?i)" prefix) and provides functionality similar to the "Find" option, but scoped to one specific field.

Example: List all HTTP packets where packets’ “server” field contains the “Apache” keyword.

http.server contains "Apache"



Written by Motasem Hamdan

Motasem Hamdan is a content creator and swimmer who creates cyber security training videos and articles. https://www.youtube.com/@MotasemHamdan
