Vulnerability Assessment
A Vulnerability Assessment aims to identify and categorize risks for security weaknesses related to assets within an environment. It is important to note that there is little to no manual exploitation during a vulnerability assessment. A vulnerability assessment also provides remediation steps to fix the issues. The purpose of a Vulnerability Assessment is to understand, identify, and categorize the risk … Read more
Wireshark – Packet Filtering
Packet Filtering Capture Filters This type of filter is used to save only a specific part of the traffic. It is set before capturing traffic and not changeable during the capture. Display Filters This type of filter is used to investigate packets by reducing the number of visible packets, and it is changeable during the … Read more
{TryHackMe} Wireshark: Packet Operations – Task 2
Link to the TryHackMe room Statistics – Summary This menu provides multiple statistics options ready to investigate to help users see the big picture in terms of the scope of the traffic, available protocols, endpoints and conversations, and some protocol-specific details like DHCP, DNS and HTTP/2. For a security analyst, it is crucial to know … Read more
Wireshark Cheatsheet
Filter by IP address: displays all traffic from IP, be it source or destination ip.addr == 192.168.1.1 Filter by source address: display traffic only from IP source ip.src == 192.168.0.1 Filter by destination: display traffic only form IP destination ip.dst == 192.168.0.1 Filter by IP subnet: display traffic from subnet, be it source or destination … Read more
Wireshark 101
Wireshark is an open-source, cross-platform network packet analyser tool capable of sniffing and investigating live traffic and inspecting packet captures (PCAP). It is commonly used as one of the best packet analysis tools. In this room, we will look at the basics of Wireshark and use it to perform fundamental packet analysis. Use Cases Wireshark is … Read more