COURSE

Wireshark

Wireshark is a tool used for capturing and analyzing network traffic. It enables the examination and analysis of network traffic in real-time or from saved PCAP files.

Wireshark is able to dissect various network protocols and display detailed information about each network packet. Security experts can use it to detect suspicious or malicious network traffic, such as the spread of malware, attacks, or phishing. It is often needed in CTF competitions as well.

Especially Wireshark is suitable for learning network protocols. You can, for example, start Wireshark, open a browser, go to Hakatemian's page, and then see the whole transaction in Wireshark.

In this course, we will learn the basics of Wireshark, such as capturing traffic, using the search field, and understanding the statistics in the Wireshark program.

DIFFICULTYBEGINNER

ESTIMATED TIME2h 25min

COURSE MODULES

0X1INTRO

What is wireshark?

Installation

0X2USE

The first steps

Taking traffic to and from the machine

Display filters - Display filters

Capture filters

Traffic analysis

Package structure

Extracting files from a PCAP file

0X3PRACTICE TASKS

Exercise 1 - http.pcap

LAB

Exercise 2 - nmap.pcap

LAB

Exercise 3 - dhcp.pcap

LAB

Exercise 4 - dns.pcap

LAB

Exercise 5 - http_with_jpegs.pcap

LAB

Hakatemia Pro

Learn to hack — start here

Hundreds of interactive courses, virtual labs and CTF challenges in your browser. Start a free trial — no card required.