Wireshark

About

Wireshark is a tool used to monitor various network protocols through packet captures or live captures from a specified interface. Can be used for creating and analyzing PCAPs (network packet capture files), is commonly used as one of the best packet analysis tools.

Wireshark Homepage Some video resources that may be a little dated but still good information in general:

HakTip/Hak5:

Wireshark Playlist

Hackersploit:

Wireshark for Blue Teams
Installing and Configuring Wireshark for Traffic Analysis
Wireshark Display and Capture Filters
Decrypting HTTPS Traffic with Wireshark

A small hands on lab from TryHackMe can be found here as well.

Usage

Last updated 2 years ago