Most of us have used Wireshark either academically or professionally for traffic analysis. Its a great tool for microscopic analysis of what is happening in the network. However, its greatest strength is also its greatest weakness i.e. it is extremely difficult to do macroscopic analysis, create custom reports, extract only certain fields from packets for offline analysis etc. This is where Tshark comes in! Tshark is a command line tool created by the Wireshark team and shares the same powerful parsing engine as Wireshark. It is capable of doing most things we've come to love Wireshark for, but with the "from command line" advantage. This makes it ideal for batch analysis, offline processing and routine automation of traffic analysis tasks. In this course, we will explore many of these capabilities. It is assumed you have a basic working knowledge of Wireshark and traffic analysis.
A non-exhaustive list of topics to be covered include:
- Tshark basics
- Automating activities with Tshark
- Display, Capture and Read Filters
- Single and Multi-Pass filters
- Field extraction
- Locating field names
- Exporting extractions
- Pipelining with Linux Utils e.g. sort, uniq
- Exporting of results
- PDML, PSML, JSON, ELK schema
- Pipelining with other tools
- Python automation
Traffic Analysis: TSHARK Unleashed Course Videos
Vivek Ramachandran is the Founder and Chief Trainer at Pentester Academy. He discovered the Caffe Latte attack, broke WEP Cloaking - a WEP protection schema, conceptualized enterprise Wi-Fi Backdoors and created Chellam, the world's first Wi-Fi Firewall. He is also the author of multiple five star rated books which have together sold over 13,000+ copies worldwide and have been translated to multiple languages.
Vivek started SecurityTube.net in 2007, a YouTube for security which current aggregates the largest collection of security research videos on the web. SecurityTube Training and Pentester Academy now serve thousands of customers from over 90 countries worldwide. He also conducts in-person trainings in the US, Europe and Asia. Vivek's work on wireless security has been quoted in BBC online, InfoWorld, MacWorld, The Register, IT World Canada etc. places. He has spoken/trained at top conferences around the world including Black Hat USA, Europe and Abu Dhabi, Defcon, Hacktivity, Brucon, SecurityByte, SecurityZone, Nullcon, C0C0n etc.
Vivek has over a decade of experience in security and has keen interest in the areas of Wireless, Mobile, Network and Web Application Pentesting, Shellcoding, Reversing and Exploit Research. He loves programming in Python, C and Assembly.
Books Authored by Vivek
Backtrack 5: Wireless Penetration Testing (5 Stars on Amazon.com)
Written in beginner friendly format, Backtrack 5: Wireless Penetration Testing will allow you to easily grasp the concepts and understand the techniques to perform wireless attacks in your lab. Every new attack is described in the form of a lab exercise with rich illustrations of all the steps associated. You will practically implement various attacks as you go along. If you are an IT security professional or a security consultant who wants to get started with wireless testing with Backtrack, or just plain inquisitive about wireless security and hacking, then this book is for you. The book assumes that you have familiarity with Backtrack and basic wireless concepts.
Kali Linux: Wireless Penetration Testing (5 Stars on Amazon.com)
As wireless networks become ubiquitous in our lives, wireless penetration testing has become a key skill in the repertoire of the professional penetration tester. The Kali Linux security distribution comes with a myriad of tools used for networking attacks and detecting security loopholes. Kali Linux Wireless Penetration Testing Beginner's Guide presents wireless pentesting from the ground up, introducing all elements of penetration testing with each new technology. Learn various wireless testing methodologies by example, from the basics of wireless routing and encryption through to detailed coverage of hacking methods and attacks such as the Hirte and Caffe Latte.
Make your own Hacker Gadget (Release in 2016)
Make your own Hacker Gadget will guide you step by step through the process of using off-the-shelf commodity Wi-Fi routers and the open source OpenWrt operating system for embedded devices to create custom gadgets. These gadgets can be used for remote monitoring, automating network pentests and intrusion detection and prevention. The focus of this book will be to create a gadget to do Wi-Fi pentests and attack automation.
Vivek explains everything in a methodical, easy to understand and beginner friendly way. No prior experience of working with embedded devices or OpenWrt is assumed. You will be learning how to create a pentest platform for Wi-Fi auditing, though the process taught can be easily adapted for auditing other technologies as well.