Hacker hunting with Wireshark (even if SSL encrypted!)




The packets don't lie. You can hide processes or logs, but you cannot hide packets. Malware is a major problem in today's networks. Chris Greer is the Wireshark master. He shows us how to use Wireshark to find Malware and suspicious traffic in our networks.

// MENU //
00:00 - Intro
04:24 - Sharkfest / DEFCON
05:55 - What is Threat Hunting?
07:33 - Why threat hunt with Wireshark?
10:05 - What are IOCs
10:30 - Why should we care?
12:23 - Packets/PCAPs
18:48 - 'Low hanging fruit'
21:10 - TCP Stream
27:29 - Stream
35:00 - How to know what to look for?
37:49 - JA3 Client Fingerprint
41:25 - ja3er.com
48:08 - Brim
52:20 - TSHARK
58:50 - Large Data Example
01:04:00 - Chris' Course
01:06:20 - Outro

// PCAP download //
Get the pcap here: https://ift.tt/wIY6W05

// Websites mentioned //
ja3: https://ja3er.com
If ja3er doesn't work, try this site: https://ift.tt/vrd7qcn
Malware Analysis pcaps: https://ift.tt/TSNiIWH

// CHRIS GREER //
Udemy course: https://ift.tt/ZGmNvh3
LinkedIn: https://ift.tt/8ldpCSD
YouTube: https://www.youtube.com/c/ChrisGreer
Twitter: https://twitter.com/packetpioneer

// David SOCIAL //
Discord: https://ift.tt/fjTew1p
Twitter: https://www.twitter.com/davidbombal
Instagram: https://ift.tt/hljX2QB
LinkedIn: https://ift.tt/alCd7xk
Facebook: https://ift.tt/kmYbGzd
TikTok: https://ift.tt/rJqtSsW
YouTube: https://www.youtube.com/davidbombal

// MY STUFF //
https://ift.tt/3s6ZFTP

// SPONSORS //
Interested in sponsoring my videos?
Reach out to my team here: sponsors@davidbombal.com

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Hello and welcome to the temple of cybersecurity. You are now watching Hacker hunting with Wireshark (even if SSL encrypted!), published on September 9, 2022 at 09:00AM.