Skip to main content

Wireshark: Notes

Wireshark Logo: https://upload.wikimedia.org/wikipedia/commons/thumb/b/b9/Wireshark_Logo.svg/1024px-Wireshark_Logo.svg.png

Wireshark lets you dive deep into your network traffic - free and open source.

Install wireshark on Windows using winget

PS C:\Users\tuyen> winget install WiresharkFoundation.Wireshark

Install wireshark-cli on ArchLinux

[tuyen@minipc ~]$ sudo pacman -Sy wireshark-cli
CTRL + SHIFT + O : 

Apply filter

ip.src == 10.10.67.199
ip.dst == 10.10.15.52
tcp.port == 80
udp.port == 67
http.request.method == GET
http.request.method == POST

Extract zip file from .pcap file

Practice

>>> THM | 25 Days of Cyber Security - Day 7

>>> THM | Advent of Cyber 2 - Task 12 (Day 7)

>>> THM | Overpass 2 - Task 1

>>> THM | Startup

>>> Wireshare | THM (for subsribers only)

Popular posts from this blog

Red Hat: Notes

PluralSight: Free Courses

Register free account at https://app.pluralsight.com to explore these free courses.

Powershell: Check Bad Logon

get-aduser -Filter {BadLogonCount -ne 0} -properties * | select SamAccountName,BadLogonCount,BadPasswordTime,BadPwdCount,@{name='badPasswordTimeDT'; expression={[datetime]::fromFileTime($_.badPasswordTime)}} | sort BadPasswordTime | FT