Wireshark: Advanced Tools and Techniques

Learn how to optimize packet capture using CLI tools, sanitize captures, baseline traffic, capture session keys and decrypt traffic, and create IO and stream graphs.

Introduction

• Enhance your skills
• What you need to know

1. Tapping into the Stream

• Enhance your skills
• Network architecture
• Tap into the network
• Baselining the network
• Restrictions and limitations
• Challenge
• Solution

2. Solving Network Problems

• Network congestion
• Case study: Spotify
• Case study: Multicast
• Merging traffic
• Sanitizing packet captures

3. Capture Engines and Wi-Fi

• Capture engines
• Install Npcap
• IEEE 802.11 overview
• 802.11 packet types

4. Command Line Capture

• Optimize packet captures
• tshark and dumpcap
• text2pcap and capinfos
• capinfos and editcap

5. IO and Stream Graphs

• Basic IO graphs
• Conversations and endpoints
• TCP stream graphs
• Advanced IO graphs

Conclusion

• What's next?