The Practical Packet Analysis course is the best way to get hands-on visual experience capturing, dissecting, and making sense of packets.
Practical Packet Analysis IS for you if…
The ability to understand packets is a critical skill for SOC analysts, network engineers, system administrators, forensic investigators, reverse engineers, and programmers alike.
Practical Packet Analysis will help you build those skills through a series of expert-led lectures, scenario-based demonstrations, and hands-on lab exercises.
You’ll learn:
When I say PRACTICAL, I mean it! Everything you’ll learn is something you can directly apply to the job you have or the job you want.
This course is loaded with actual PCAPs that you can download and interact with. Some of the scenarios I’ll guide you through include:
Watch Online On Mega
Practical Packet Analysis IS for you if…
- You’ve ever sat at your screen staring at a bunch of packets and felt paralyzed by not knowing what to do next
- The only Wireshark trick you know is how to Follow a TCP Stream
- You can’t spot things that are abnormal, because you don’t know what normal on your network looks like
- You’ve always wanted to be able to prove that the network isn’t why things are running slow
- You’ve tried a bunch of different approaches to becoming more comfortable analyzing packets — but haven’t found anything that works for YOU yet!
The ability to understand packets is a critical skill for SOC analysts, network engineers, system administrators, forensic investigators, reverse engineers, and programmers alike.
Practical Packet Analysis will help you build those skills through a series of expert-led lectures, scenario-based demonstrations, and hands-on lab exercises.
You’ll learn:
- 5 techniques for capturing packets in any scenario and how to know which one is appropriate
- The life of a packet and how data moves through the network.
- How to use packet maps to navigate protocols. I’ll give you color-coded printable maps for all the most common protocols you’ll encounter.
- All of Wireshark’s analysis features, including how to create graphs, traverse protocol hierarchy charts, and generate stats that are simple AND useful.
- Manipulate packet timestamps to sync captures taken from different sources and more quickly spot large gaps in sequences of events.
- My tips for customizing your analysis environment by using features like Wireshark profiles, custom columns, and individual packet color coding.
- Techniques for extracting complete files from network communication via multiple protocols — even custom malware command and control.
- How to use tshark and tcpdump to perform packet analysis on the command line.
- The basic stimulus and response of common protocols — and how attackers use this to their advantage.
- How to approach and dissect these protocols: IPv4, IPv6, TCP, UDP, DHCP, DNS, HTTP, SMTP, and ICMP.
- Filtering techniques using Wireshark display filters and BPF capture filters so you can quickly eliminate noise and get to the data you need
- A strategy for approaching unknown or undocumented protocols like you might encounter when dealing with malware of custom applications.
When I say PRACTICAL, I mean it! Everything you’ll learn is something you can directly apply to the job you have or the job you want.
This course is loaded with actual PCAPs that you can download and interact with. Some of the scenarios I’ll guide you through include:
- How an attacker at a coffee shop could use HTTP session hijacking to access accounts
- An infection chain that starts with an exploit kit and ends with ransomware
- The Heartbleed attack and how it takes advantage of an HTTPS flaw
- The difference between IPv4 and IPv6
- Identifying network latency by examining TCP connection characteristics
- ARP cache poisoning as seen from the attacker and victim POV
- Troubleshooting IOT device communication
- DNS recursion from three different perspectives
- A remote access trojan that uses custom command and control to steal data
- & Many More....
Watch Online On Mega
Last edited by a moderator: