Ethical Hacking and Network Analysis with Wireshark

Introduction

Ethical Hacking and Networking Concepts

• Introduction
• Introduction to ethical hacking
• Introduction to networking concepts
• The OSI model
• The TCP/IP model
• IP networks and subnets
• Switching and routing packets
• WAN links
• Wireless networking
• What is network traffic
• Overview of network packet sniffing 
• Active and passive sniffing
• Wireshark in ethical hacking and traffic analysis 
• Conclusion

Getting Acquainted with Wireshark and Setting up the Environment

• Introduction
• What is Wireshark
• Downloading and Installing Wireshark with Libraries 
• Exploring the Wireshark user interface
• Conclusion

Getting Started with Packet Sniffing

• Introduction
• Define your sniffing targets 
• Choosing network interfaces 
• Performing a packet sniffing
• Remote network packet 
• Display and capture filters
• Maximizing packet capture performance
• Stop sniffing, saving, and exporting packets
• Challenges/limitations of packet capturing
• Conclusion

Sniffing on 802.11 Wireless Networks

• Introduction
• 802.11 wireless networks
• 802.11 wireless network architecture
• 802.11 packet structure
• Wireless card modes
• Difference between monitor mode and promiscuous mode
• WLAN capture setup
• Sniffing WLAN Network Traffic
• Wi-Fi sniffer: WPA/WPA2 
• 802.11 Sniffer Capture Analysis: Multicast
• 802.11 Sniffer Capture Analysis: Web authentication
• Challenges of sniffing 802.11 wireless networks 
• Conclusion 

Sniffing Sensitive Information, Credentials and Files

• Introduction
• Sniffing the activity over USB interfaces
• Capturing credentials on HTTP
• Extracting images from PCAP file using Wireshark
• PDF and ZIP files saving from Wireshark
• Capturing Telnet password
• Capturing SMTP password
• Identifying hosts and users with Wireshark
• Conclusion

Analyzing Network Traffic Based on Protocols

• Introduction
• IPv4 and IPv6
• ARP
• ICMP
• TCP
• UDP
• HTTP
• FTP
• SMTP
• DHCPv6
• DNS
• Conclusion

Analyzing and Decrypting SSL/TLS Traffic

• Introduction
• Introduction to SSL/TLS
• The SSL/TLS Handshake
• Key exchange
• Decrypting SSL/TLS traffic using Wireshark
• Conclusion

Analyzing Enterprise Applications

• Introduction
• Identifying the service running over the network
• Analyzing Microsoft Terminal Server and Citrix communications
• Analyzing the database traffic
• Analyzing SNMP traffic
• Conclusion 

Analysing VoIP Calls Using Wireshark

• Introduction
• Introduction to VoIP technology
• VoIP architecture
• Working of VoIP
• VoIP supporting protocols
• Sniffing VoIP traffic
• SIP call analysis
• Analysing RTP Streams in VoIP Traffic 
• Challenges/limitations in analyzing VoIP calls through Wireshark
• Conclusion

Analyzing Traffic of IoT Devices

• Introduction
• Introduction to IoT
• IoT devices: Use cases for network sniffing
• Sniffing traffic of IoT devices
• Analyzing traffic of IoT devices
• Conclusion

Detecting Network Attacks with Wireshark

• Introduction
• Detecting suspicious network traffic patterns
• Detecting port scanning 
• Detecting Denial of Service and Distributed Denial of Service attacks
• Detecting Brute-force and application attacks
• Detecting ARP poisoning
• Detecting session hijacking
• Detecting honeypot traffic
• Detecting Heartbleed bug
• Challenges/limitations of analysis of network attacks using Wireshark
• Conclusion

Troubleshooting and Performance Analysis Using Wireshark

• Introduction
• Troubleshooting methodology
• Troubleshooting connectivity issues
• Troubleshooting functional issues
• Performance analysis methodology
• Troubleshooting TCP protocol issues
• Troubleshooting slow application response time
• Conclusion