Identify Common Cyber Network Attacks with Wireshark
This course will teach you how to quickly spot cyber attacks and indicators of compromise in network traffic with Wireshark.
What you'll learn
Cyber attacks are everywhere. Are they lurking in your network? Every IT professional needs the Wireshark skills to spot them quickly. In this course, Identify Common Cyber Network Attacks with Wireshark, you’ll gain the ability to threat hunt at the packet level. First, you’ll explore how network and OS fingerprinting scans work and how to identify them. Next, you’ll discover how to spot indicators of compromise in malware infections. Finally, you’ll learn how to isolate botnet and data exfiltration traffic. When you’re finished with this course, you’ll have the threat-hunting skills and knowledge needed to identify common cyber network attacks on your network with Wireshark.
Table of contents
- Module Intro 1m
- Network and Host Discovery Scans 3m
- Lab 1 - Detecting Network Discovery Scans with Wireshark 6m
- Lab 2 - Identifying Port Scans with Wireshark 6m
- Lab 2 - Part 2 - Detecting Port Scans 3m
- Lab 3 - Analyzing Malware for Network and Port Scans 8m
- Lab 3 - Part 2 - Analyzing Malware for Network and Port Scans 3m
- How OS Fingerprinting Works 3m
- Lab 4 - Detecting OS Fingerprinting with Wireshark 7m
- Lab 4 - Part 2 - Detecting OS Fingerprinting 6m
- How HTTP Path Enumeration Works 2m
- Lab 5 - Analyzing HTTP Path Enumeration with Wireshark 7m
- Module Review 1m
- Module Intro 1m
- How to Find "Suspect" Traffic Patterns 2m
- Spotting Network Attacks - The Top 10 Things to Look For 2m
- Lab 4 - Analyzing TCP SYN Attacks 4m
- Identifying Unusual Country Codes with GeoIP 2m
- Lab 7 - Spotting Suspect Country Codes with Wireshark 5m
- Lab 8 - Filtering for Unusual Domain Name Lookups 5m
- Analyzing HTTP Traffic and File Transfers 3m
- Lab 9 - Analyzing HTTP Traffic and Unencrypted File Transfers 6m
- Spotting Data Exfiltration, Brute Force Password Behavior, and Reverse Shell 3m
- Lab 10 - Analysis of a Brute Force Attack 6m
- Module Review 1m
- Module Intro 1m
- How to Identify Shells and Reverse Shells 2m
- Lab 12 - Analyzing Reverse Shell Behavior 4m
- How to Spot Botnet Traffic 3m
- Lab 13 - Identifying Botnet Traffic with Wireshark 6m
- Lab 13 - Identifying Botnet Traffic - Part 2 4m
- How to Identify Data Exfiltration 3m
- Lab 14 - Analyzing Data Exfiltration with Wireshark 7m
- Module Review 0m
- Course Review 1m