Wireshark Tutorial

  • What is a packet capture?

A packet capture is the recording of all information that goes across your network. Ideally you have some networking experience before you take this course, but what you really need to know is that it is possible to record all information that crosses a specific point in the path and then play it back so that an investigator can see everything that happened. If you don't have any networking experience, you can get away with learning the basics as you go, but eventually you might want to become an expert so that you can crush these problems. Packet captures usually have the file extension .pcap or .pcapng, and are primarily opened with a tool named Wireshark.
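To make the "record and play back" idea concrete, here is an added example (not part of the original course material) that tells a .pcap file from a .pcapng file by its first four bytes and walks the records of a classic .pcap file in plain Python. The sample capture is constructed inline, the function names are made up for illustration, and pcapng is only identified, not parsed.

```python
import struct

# First four bytes of a classic pcap file -> (byte order, timestamp ticks per second).
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 1_000_000),      # little-endian, microseconds
    b"\xa1\xb2\xc3\xd4": (">", 1_000_000),      # big-endian, microseconds
    b"\x4d\x3c\xb2\xa1": ("<", 1_000_000_000),  # little-endian, nanoseconds
    b"\xa1\xb2\x3c\x4d": (">", 1_000_000_000),  # big-endian, nanoseconds
}
PCAPNG_MAGIC = b"\x0a\x0d\x0d\x0a"  # block type of a pcapng Section Header Block

def identify(data):
    """Return 'pcap', 'pcapng' or 'unknown' based on the first four bytes."""
    if data[:4] in PCAP_MAGICS:
        return "pcap"
    return "pcapng" if data[:4] == PCAPNG_MAGIC else "unknown"

def read_pcap(data):
    """Yield (timestamp, captured_bytes, original_length) for each recorded packet."""
    if data[:4] not in PCAP_MAGICS or len(data) < 24:
        raise ValueError("not a classic pcap file")
    endian, ticks = PCAP_MAGICS[data[:4]]
    # Global header is 24 bytes; the last two fields are snaplen and link type.
    snaplen, _linktype = struct.unpack(endian + "II", data[16:24])
    offset = 24
    while offset + 16 <= len(data):
        sec, frac, incl, orig = struct.unpack(endian + "IIII", data[offset:offset + 16])
        offset += 16
        if incl > snaplen or offset + incl > len(data):
            raise ValueError("corrupt or truncated record")
        yield sec + frac / ticks, data[offset:offset + incl], orig
        offset += incl

def build_sample():
    """Constructed capture: two records of filler bytes, link type 1 (Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sec, usec, payload in [(1612990380, 500000, b"\xaa" * 60),
                               (1612990381, 250000, b"\xbb" * 42)]:
        out += struct.pack("<IIII", sec, usec, len(payload), len(payload)) + payload
    return out

if __name__ == "__main__":
    sample = build_sample()
    print("format:", identify(sample))
    for ts, pkt, orig in read_pcap(sample):
        print(f"t={ts:.6f} captured={len(pkt)} bytes, on the wire={orig} bytes")
```

To try it on a real capture, read the file with `open(path, "rb").read()` and pass the bytes to `identify` and `read_pcap`.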

  • Work through the NewBoston Wireshark tutorial. You don't need to watch all of it, or watch it at regular speed. Try 1.5x speed (or 2x) and bounce around to learn as much as you can.


I'm sorry. This deserves its own thing but I haven't made it yet.

Wireshark is an amazing tool. Install it in both your native Windows and your VM.

Last modified: Wednesday, 10 February 2021, 8:53 PM