Ethical Hacking and Threat Hunting using Wireshark

Learn Wireshark to detect malicious traffic in the enterprise network using various Threat hunting techniques.

What you'll learn:

• You'll learn to use Wireshark for detecting malicious files and suspicious network traffic.
• You'll learn to detect Indicator of Compromise.
• You'll learn to perform security forensics based on wireshark files.

Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat hunting digs deep to find malicious actors in your environment that have slipped past your initial endpoint security defenses.

In this course, you'll learn to use Wireshark tool for threat hunting in enterprise network. While there are a number of great resources available about what hunting is and how it can assist you, it might be challenging to cross over from the realm of the theoretical into the practical. As any hunter will tell you, orientation and planning is one of the critical aspects of effective threat hunting. This guide will help you orient and plan by laying out some basic tips and instructions on how to direct your hunting activities. It will also give you direction on how to practically carry them out using a variety of hunting techniques. Threat hunting has been around for a while, but it has only recently become a focus of modern enterprise Security Operation Centers (SOCs). Hunting can revolutionize the threat detection efforts of an organization, and many have already recognized that proactive hunting needs to play a role in their overall detection practices (a common mantra one often hears is “prevention is ideal but detection is a must”). According to a recent survey on threat hunting conducted by the SANS institute, 91% of organizations report improvements in speed and accuracy of response due to threat hunting. It’s clearly worth your time, but it’s also worth knowing what exactly you’re investing in. Before going any further, let’s take a look at 3 common myths about hunting that will help clarify what it is.

Section 1: Introduction

Section 2: Getting started with Wireshark

Section 3: Threat Hunting