Wireshark Mastery
Course Description
Wireshark is essential for network analysis, troubleshooting, and forensics. This course teaches you to capture, filter, and analyze network traffic like a professional.
Learning Objectives
By the end of this course, you will be able to:
- Capture network traffic effectively
- Filter traffic using display and capture filters
- Analyze protocol conversations
- Detect malicious network activity
- Extract files and credentials from captures
- Document network forensic findings
Modules
Module 1: Wireshark Fundamentals (5h)
- Interface overview
- Capture options
- Profile management
- Preferences configuration
- Coloring rules
Module 2: Capture Filters (5h)
- BPF syntax
- Host and network filters
- Protocol filters
- Port filters
- Complex filter expressions
Module 3: Display Filters (6h)
- Filter syntax
- Comparison operators
- Logical operators
- Following streams
- Filter expressions builder
Module 4: Protocol Analysis (8h)
- TCP/IP deep dive
- HTTP/HTTPS analysis
- DNS analysis
- SMB analysis
- Wireless protocols
Module 5: Traffic Analysis (6h)
- Conversation analysis
- Endpoint statistics
- IO graphs
- Flow graphs
- Expert information
Module 6: Security Analysis (6h)
- Malware traffic patterns
- C2 communication detection
- Data exfiltration detection
- Network attacks identification
- Credential extraction
Module 7: Advanced Features (4h)
- TShark command line
- Lua scripting
- Custom dissectors
- Automation techniques
- Reporting
Tools
| Tool | Purpose |
|---|---|
| Wireshark | GUI analysis |
| TShark | CLI analysis |
| tcpdump | Capture tool |
| NetworkMiner | Forensic analysis |
| Zeek | Network monitoring |
Quick Navigation
📄️ Overview
Network traffic analysis, protocol dissection, and forensic investigation with Wireshark