Wireshark Crash Course

بواسطة: Skillshare

Overview

Wireshark is the most widely used network capture and protocol analyzer on the market. It is used by IT and Network administrators to troubleshoot network connectivity issues and by Network Security analysts to dissect network attacks. This free and open source application is so widely used in the industry because it works. It is cross-platform, meaning that it runs on Windows, Mac, Linux, and FreeBSD.

This course is an introduction to the application and goes over the basics to get you started capturing and analyzing network traffic. It will build your base by explaining the theory behind how networks work and then get you into real-world applications of the software.

In this course you will learn:

  • The basics of how networks operate
  • How to capture traffic on Wireshark
  • How to use display and capture filters
  • How to use command line Wireshark to work with large packet captures

Syllabus

  • Instructor Introduction
  • What is Wireshark
  • The OSI Model
  • Install Wireshark on Windows
  • Install Wireshark on Mac
  • Install Wireshark on Linux
  • Where to Place Wireshark
  • Your First Capture
  • Capture Filters
  • Working with the Wireshark Interface
  • Display Filters
  • Follow Network Conversations
  • Exporting Objects
  • Carve Packet Streams
  • Tshark field extraction
  • Find Malicious IPs
  • TCPDUMP Introduction
  • First TCPDUMP Capture
  • TCPDUMP Filters
  • TCPDUMP for Carving

Taught by

Kyle Slosek

Wireshark Crash Course
الذهاب الي الدورة

Wireshark Crash Course

بواسطة: Skillshare

  • Skillshare
  • مدفوعة
  • الإنجليزية
  • متاح شهادة
  • متاح في أي وقت
  • beginner
  • N/A
8.1.2PHP Version184msRequest Duration2MBMemory UsageGET ar/الدورات/{slug}Route
    • Booting (102ms)
    • Application (81.61ms)
    • 1 x Booting (55.45%)
      102.12ms
      1 x Application (44.32%)
      81.61ms
      14 templates were rendered
      • public.courses.show (resources/views/public/courses/show.blade.php)3bladefile
        Params
        0
        course
        1
        links
        2
        config
      • public.courses.partials.breadcrumbs (resources/views/public/courses/partials/breadcrumbs.blade.php)6bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
      • public.courses.partials.heading (resources/views/public/courses/partials/heading.blade.php)7bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
        6
        classes
      • public.courses.partials.details (resources/views/public/courses/partials/details.blade.php)6bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
      • public.courses.partials.breadcrumbs (resources/views/public/courses/partials/breadcrumbs.blade.php)6bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
      • public.courses.partials.heading (resources/views/public/courses/partials/heading.blade.php)7bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
        6
        classes
      • public.layouts.main (resources/views/public/layouts/main.blade.php)6bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
      • public.layouts.partials.meta (resources/views/public/layouts/partials/meta.blade.php)6bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
      • public.layouts.partials.navbar (resources/views/public/layouts/partials/navbar.blade.php)6bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
      • public.auth.profile.partials.links (resources/views/public/auth/profile/partials/links.blade.php)6bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
      • public.auth.profile.partials.link (resources/views/public/auth/profile/partials/link.blade.php)8bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
        6
        route
        7
        title
      • public.auth.profile.partials.link (resources/views/public/auth/profile/partials/link.blade.php)8bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
        6
        route
        7
        title
      • public.auth.profile.partials.link (resources/views/public/auth/profile/partials/link.blade.php)8bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
        6
        route
        7
        title
      • public.layouts.partials.flash-session (resources/views/public/layouts/partials/flash-session.blade.php)6bladefile
        Params
        0
        __env
        1
        app
        2
        errors
        3
        course
        4
        links
        5
        config
      uri
      GET ar/الدورات/{slug}
      middleware
      web, localize:ar
      controller
      App\Http\Controllers\CourseController@show
      as
      ar.courses.show
      namespace
      prefix
      /ar
      where
      file
      app/Http/Controllers/CourseController.php:17-35
      6 statements were executed14.93ms
      • select * from `courses` where `slug_ar` = 'wireshark-crash-courseKuJ' limit 1
        13.91ms/app/Http/Controllers/CourseController.php:20corspedia
        Metadata
        Bindings
        • 0. wireshark-crash-courseKuJ
        Backtrace
        • 17. /app/Http/Controllers/CourseController.php:20
        • 18. /vendor/laravel/framework/src/Illuminate/Routing/Controller.php:54
        • 19. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:43
        • 20. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:260
        • 21. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:205
      • update `courses` set `visitors` = `visitors` + 1, `courses`.`updated_at` = '2025-01-30 20:15:36' where `id` = 5781
        320μs/app/Http/Controllers/CourseController.php:21corspedia
        Metadata
        Bindings
        • 0. 2025-01-30 20:15:36
        • 1. 5781
        Backtrace
        • 17. /app/Http/Controllers/CourseController.php:21
        • 18. /vendor/laravel/framework/src/Illuminate/Routing/Controller.php:54
        • 19. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:43
        • 20. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:260
        • 21. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:205
      • select `id`, `name_en`, `name_ar`, `topic_id`, `slug_en`, `slug_ar` from `subjects` where `subjects`.`id` in (116)
        160μs/app/Http/Controllers/CourseController.php:23corspedia
        Metadata
        Backtrace
        • 20. /app/Http/Controllers/CourseController.php:23
        • 21. /vendor/laravel/framework/src/Illuminate/Routing/Controller.php:54
        • 22. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:43
        • 23. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:260
        • 24. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:205
      • select `id`, `name_en`, `name_ar`, `slug_en`, `slug_ar` from `topics` where `topics`.`id` in (1)
        150μs/app/Http/Controllers/CourseController.php:23corspedia
        Metadata
        Backtrace
        • 25. /app/Http/Controllers/CourseController.php:23
        • 26. /vendor/laravel/framework/src/Illuminate/Routing/Controller.php:54
        • 27. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:43
        • 28. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:260
        • 29. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:205
      • select * from `providers` where `providers`.`id` in (59) and `providers`.`deleted_at` is null
        170μs/app/Http/Controllers/CourseController.php:23corspedia
        Metadata
        Backtrace
        • 20. /app/Http/Controllers/CourseController.php:23
        • 21. /vendor/laravel/framework/src/Illuminate/Routing/Controller.php:54
        • 22. /vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php:43
        • 23. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:260
        • 24. /vendor/laravel/framework/src/Illuminate/Routing/Route.php:205
      • select * from `html_files` where `html_files`.`id` = 5772 limit 1
        220μs/app/Models/Course.php:84corspedia
        Metadata
        Bindings
        • 0. 5772
        Backtrace
        • 21. /app/Models/Course.php:84
        • 28. view::public.courses.show:29
        • 30. /vendor/laravel/framework/src/Illuminate/Filesystem/Filesystem.php:125
        • 31. /vendor/laravel/framework/src/Illuminate/View/Engines/PhpEngine.php:58
        • 32. /vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php:72
      App\Models\HtmlFile
      1
      App\Models\Provider
      1
      App\Models\Topic
      1
      App\Models\Subject
      1
      App\Models\Course
      1
        _token
        fgYGNAx8SdMhkuvzYhYWkDNzeUIEPtmBdtI6cn6Q
        locale
        ar
        _previous
        array:1 [ "url" => "https://www.corspedia.com/ar/%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D8%A7%D8%AA/wiresh...
        _flash
        array:2 [ "old" => [] "new" => [] ]
        PHPDEBUGBAR_STACK_DATA
        []
        path_info
        /ar/%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D8%A7%D8%AA/wireshark-crash-courseKuJ
        status_code
        200
        
        status_text
        OK
        format
        html
        content_type
        text/html; charset=UTF-8
        request_query
        []
        
        request_request
        []
        
        request_headers
        0 of 0
        array:24 [ "sec-ch-ua-mobile" => array:1 [ 0 => "?0" ] "sec-ch-ua" => array:1 [ 0 => ""HeadlessChrome";v="129", "Not=A?Brand";v="8", "Chromium";v="129"" ] "cache-control" => array:1 [ 0 => "no-cache" ] "pragma" => array:1 [ 0 => "no-cache" ] "cdn-loop" => array:1 [ 0 => "cloudflare; loops=1" ] "priority" => array:1 [ 0 => "u=0, i" ] "upgrade-insecure-requests" => array:1 [ 0 => "1" ] "user-agent" => array:1 [ 0 => "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)" ] "cf-connecting-ip" => array:1 [ 0 => "3.23.112.215" ] "accept" => array:1 [ 0 => "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" ] "sec-fetch-site" => array:1 [ 0 => "none" ] "cf-visitor" => array:1 [ 0 => "{"scheme":"https"}" ] "sec-fetch-mode" => array:1 [ 0 => "navigate" ] "sec-fetch-user" => array:1 [ 0 => "?1" ] "x-forwarded-proto" => array:1 [ 0 => "https" ] "cf-ipcountry" => array:1 [ 0 => "US" ] "accept-encoding" => array:1 [ 0 => "gzip, br" ] "sec-fetch-dest" => array:1 [ 0 => "document" ] "sec-ch-ua-platform" => array:1 [ 0 => ""Windows"" ] "x-forwarded-for" => array:1 [ 0 => "3.23.112.215" ] "cf-ray" => array:1 [ 0 => "90a4228ae946224c-ORD" ] "host" => array:1 [ 0 => "www.corspedia.com" ] "content-length" => array:1 [ 0 => "" ] "content-type" => array:1 [ 0 => "" ] ]
        request_server
        0 of 0
        array:50 [ "USER" => "www-data" "HOME" => "/var/www" "HTTP_SEC_CH_UA_MOBILE" => "?0" "HTTP_SEC_CH_UA" => ""HeadlessChrome";v="129", "Not=A?Brand";v="8", "Chromium";v="129"" "HTTP_CACHE_CONTROL" => "no-cache" "HTTP_PRAGMA" => "no-cache" "HTTP_CDN_LOOP" => "cloudflare; loops=1" "HTTP_PRIORITY" => "u=0, i" "HTTP_UPGRADE_INSECURE_REQUESTS" => "1" "HTTP_USER_AGENT" => "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)" "HTTP_CF_CONNECTING_IP" => "3.23.112.215" "HTTP_ACCEPT" => "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7" "HTTP_SEC_FETCH_SITE" => "none" "HTTP_CF_VISITOR" => "{"scheme":"https"}" "HTTP_SEC_FETCH_MODE" => "navigate" "HTTP_SEC_FETCH_USER" => "?1" "HTTP_X_FORWARDED_PROTO" => "https" "HTTP_CF_IPCOUNTRY" => "US" "HTTP_ACCEPT_ENCODING" => "gzip, br" "HTTP_SEC_FETCH_DEST" => "document" "HTTP_SEC_CH_UA_PLATFORM" => ""Windows"" "HTTP_X_FORWARDED_FOR" => "3.23.112.215" "HTTP_CF_RAY" => "90a4228ae946224c-ORD" "HTTP_HOST" => "www.corspedia.com" "REDIRECT_STATUS" => "200" "SERVER_NAME" => "corspedia.com" "SERVER_PORT" => "443" "SERVER_ADDR" => "141.95.147.152" "REMOTE_USER" => "" "REMOTE_PORT" => "52738" "REMOTE_ADDR" => "172.71.255.117" "SERVER_SOFTWARE" => "nginx/1.18.0" "GATEWAY_INTERFACE" => "CGI/1.1" "HTTPS" => "on" "REQUEST_SCHEME" => "https" "SERVER_PROTOCOL" => "HTTP/2.0" "DOCUMENT_ROOT" => "/var/www/corspedia/public" "DOCUMENT_URI" => "/index.php" "REQUEST_URI" => "/ar/%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D8%A7%D8%AA/wireshark-crash-courseKuJ" "SCRIPT_NAME" => "/index.php" "CONTENT_LENGTH" => "" "CONTENT_TYPE" => "" "REQUEST_METHOD" => "GET" "QUERY_STRING" => "" "SCRIPT_FILENAME" => "/var/www/corspedia/public/index.php" "PATH_INFO" => "" "FCGI_ROLE" => "RESPONDER" "PHP_SELF" => "/index.php" "REQUEST_TIME_FLOAT" => 1738268136.3953 "REQUEST_TIME" => 1738268136 ]
        request_cookies
        []
        
        response_headers
        0 of 0
        array:5 [ "content-type" => array:1 [ 0 => "text/html; charset=UTF-8" ] "cache-control" => array:1 [ 0 => "no-cache, private" ] "date" => array:1 [ 0 => "Thu, 30 Jan 2025 20:15:36 GMT" ] "set-cookie" => array:2 [ 0 => "XSRF-TOKEN=eyJpdiI6Ik1YOWtmMGl2REwzUXJ6OVdJNEJvK3c9PSIsInZhbHVlIjoiK1RtSFVySElyRDArczlvWFpVWlpnNUlkYk1rSFc4aXhrd0pkQkNjSlM3RGx5Q1BkK1VYRjJDZE5iTUF4M1lORWorakFOZ2QyVU5pcUQ5Y0FLbzhlMGN4bUxZaHFvYmREWUdHU1R1TkdzTFVKU0xJNGtKSE5OaS94a2ZpMVNXWlgiLCJtYWMiOiI4MTk5NjNlYzNkMmU0ZWZiZjVmNzhiN2Q2NjQ5NzQxYTRiNTNkMzY4NWVjMzA4OWUxZjc2ODZmZDAzMmYyYzM0IiwidGFnIjoiIn0%3D; expires=Thu, 30 Jan 2025 22:15:36 GMT; Max-Age=7200; path=/; samesite=laxXSRF-TOKEN=eyJpdiI6Ik1YOWtmMGl2REwzUXJ6OVdJNEJvK3c9PSIsInZhbHVlIjoiK1RtSFVySElyRDArczlvWFpVWlpnNUlkYk1rSFc4aXhrd0pkQkNjSlM3RGx5Q1BkK1VYRjJDZE5iTUF4M1lORWorakFOZ" 1 => "laravel_session=eyJpdiI6Ik1NQ3YrWU1wblU0dnNUUEs3Nk1IRkE9PSIsInZhbHVlIjoiVmcxNXV4T3JFVmkydVBDVXBLNWJVMndjdXJZZGgzeVY1NnVnY0xIZUtJbWJlUkttS0hMaHJaaFpuclZadktkWGo2RzBzT3BJQWVTS2VQcmg3aG1LQXRSYWsvUGNLT1NCUklYaDFGdFJHcGI4NndzRSt2SEVoZ2xXWlR2MkdxVmoiLCJtYWMiOiI4ZTkzYjJiNjZkOGYyYzdmZjczYzUzODc1NTIxNmIxZmQ2NWM4OTJiMjM4NjlhZjA2NjcyYWQ2OTJkMTYwN2ZlIiwidGFnIjoiIn0%3D; expires=Thu, 30 Jan 2025 22:15:36 GMT; Max-Age=7200; path=/; httponly; samesite=laxlaravel_session=eyJpdiI6Ik1NQ3YrWU1wblU0dnNUUEs3Nk1IRkE9PSIsInZhbHVlIjoiVmcxNXV4T3JFVmkydVBDVXBLNWJVMndjdXJZZGgzeVY1NnVnY0xIZUtJbWJlUkttS0hMaHJaaFpuclZadktkWGo2" ] "Set-Cookie" => array:2 [ 0 => "XSRF-TOKEN=eyJpdiI6Ik1YOWtmMGl2REwzUXJ6OVdJNEJvK3c9PSIsInZhbHVlIjoiK1RtSFVySElyRDArczlvWFpVWlpnNUlkYk1rSFc4aXhrd0pkQkNjSlM3RGx5Q1BkK1VYRjJDZE5iTUF4M1lORWorakFOZ2QyVU5pcUQ5Y0FLbzhlMGN4bUxZaHFvYmREWUdHU1R1TkdzTFVKU0xJNGtKSE5OaS94a2ZpMVNXWlgiLCJtYWMiOiI4MTk5NjNlYzNkMmU0ZWZiZjVmNzhiN2Q2NjQ5NzQxYTRiNTNkMzY4NWVjMzA4OWUxZjc2ODZmZDAzMmYyYzM0IiwidGFnIjoiIn0%3D; expires=Thu, 30-Jan-2025 22:15:36 GMT; path=/XSRF-TOKEN=eyJpdiI6Ik1YOWtmMGl2REwzUXJ6OVdJNEJvK3c9PSIsInZhbHVlIjoiK1RtSFVySElyRDArczlvWFpVWlpnNUlkYk1rSFc4aXhrd0pkQkNjSlM3RGx5Q1BkK1VYRjJDZE5iTUF4M1lORWorakFOZ" 1 => "laravel_session=eyJpdiI6Ik1NQ3YrWU1wblU0dnNUUEs3Nk1IRkE9PSIsInZhbHVlIjoiVmcxNXV4T3JFVmkydVBDVXBLNWJVMndjdXJZZGgzeVY1NnVnY0xIZUtJbWJlUkttS0hMaHJaaFpuclZadktkWGo2RzBzT3BJQWVTS2VQcmg3aG1LQXRSYWsvUGNLT1NCUklYaDFGdFJHcGI4NndzRSt2SEVoZ2xXWlR2MkdxVmoiLCJtYWMiOiI4ZTkzYjJiNjZkOGYyYzdmZjczYzUzODc1NTIxNmIxZmQ2NWM4OTJiMjM4NjlhZjA2NjcyYWQ2OTJkMTYwN2ZlIiwidGFnIjoiIn0%3D; expires=Thu, 30-Jan-2025 22:15:36 GMT; path=/; httponlylaravel_session=eyJpdiI6Ik1NQ3YrWU1wblU0dnNUUEs3Nk1IRkE9PSIsInZhbHVlIjoiVmcxNXV4T3JFVmkydVBDVXBLNWJVMndjdXJZZGgzeVY1NnVnY0xIZUtJbWJlUkttS0hMaHJaaFpuclZadktkWGo2" ] ]
        session_attributes
        0 of 0
        array:5 [ "_token" => "fgYGNAx8SdMhkuvzYhYWkDNzeUIEPtmBdtI6cn6Q" "locale" => "ar" "_previous" => array:1 [ "url" => "https://www.corspedia.com/ar/%D8%A7%D9%84%D8%AF%D9%88%D8%B1%D8%A7%D8%AA/wireshark-crash-courseKuJ" ] "_flash" => array:2 [ "old" => [] "new" => [] ] "PHPDEBUGBAR_STACK_DATA" => [] ]