Abertay Ethical Hacking Society
Wireshark


Last updated 3 years ago


Wireshark is a network traffic monitoring tool: it captures packets from a network interface (or opens a saved pcap) and decodes them protocol by protocol, so you can inspect individual fields, filter on them and follow whole conversations.

basic usage

FIXME

slightly advanced tricks

  • add any field as a custom column: right-click the field in the packet details pane and choose Apply as Column. This is covered really well here (or you can do it from prefs: Edit > Preferences > Appearance > Columns).
  • add a GeoIP database: Wireshark reads MaxMind GeoLite2 .mmdb files, so point Edit > Preferences > Name Resolution > MaxMind database directories at the folder holding them, and then go to Statistics > Endpoints and you can see the IPs plotted out on a map with the Map button.
  • decrypt TLS by importing the server's private key (Edit > Preferences > Protocols > TLS > RSA keys list). The certificate alone is not enough, and the private key only helps for RSA key exchange: with (EC)DHE cipher suites and with all of TLS 1.3 the session keys never pass through the server key, so you need a key log instead. Run the client with the SSLKEYLOGFILE environment variable set and give that file to Wireshark as the (Pre)-Master-Secret log filename on the same preferences page.
  • decrypt WPA encrypted wifi: add the network's passphrase as wpa-pwd passphrase:SSID under Edit > Preferences > Protocols > IEEE 802.11 > Decryption keys. The capture must contain the client's 4-way handshake (the EAPOL frames), otherwise Wireshark has no per-session key to decrypt with.

SSHdump

You can capture packets from an interface on a remote machine using SSH and tcpdump.

On Mac/Ubuntu the sshdump extcap ships with Wireshark by default and appears as "SSH remote capture" on the capture interface screen. On Windows it is an optional component of the installer (Sshdump, under Tools), so tick it when installing.

You just give it the SSH details (host, port, user, password or key) and it runs tcpdump on the remote machine and streams the pcap back over the SSH session. One caveat: that SSH session is itself traffic on the remote interface, so keep a remote capture filter that excludes it (sshdump adds one by default); otherwise every packet you receive makes tcpdump emit more packets, which get captured in turn.
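The SSHdump section above describes what the extcap does for you. As an added example (not from this wiki and not Wireshark's own code), here is the same remote capture done by hand with ssh and tcpdump, including the filter that keeps the SSH session out of its own capture. The host, interface and IP values are placeholders, and it assumes the remote user can run tcpdump through passwordless sudo.

```shell
#!/bin/sh
# Added example, not from the wiki: what sshdump does, done by hand.
# Hypothetical assumptions: the remote user can run tcpdump via passwordless
# sudo; host, interface and IP names are placeholders.

# Build the remote capture filter. The SSH session that streams the capture
# back to us is itself traffic on the remote interface; if it is captured,
# every packet we receive makes tcpdump emit more packets, which arrive over
# the same session and get captured again (a feedback loop). So we always
# exclude our own SSH connection, then AND in whatever the user asked for.
#   $1 = our IP as seen by the remote host, $2 = SSH port, $3 = extra filter
remote_filter() {
    base="not (host $1 and tcp port ${2:-22})"
    if [ -n "${3:-}" ]; then
        printf '%s and (%s)\n' "$base" "$3"
    else
        printf '%s\n' "$base"
    fi
}

# Stream a live capture from $1 (user@host) on interface $2 into local Wireshark.
#   $3 = our IP as the remote host sees it, $4 = SSH port, $5 = optional extra filter
#   tcpdump -U  packet-buffered: flush each packet as captured so it shows up live
#           -s0 full snaplen, -w - write pcap to stdout (i.e. down the SSH channel)
# Wireshark reads the pcap from stdin with "-i -" and starts straight away with -k.
remote_capture() {
    host="$1"; iface="$2"; my_ip="$3"; port="${4:-22}"; extra="${5:-}"
    filter=$(remote_filter "$my_ip" "$port" "$extra")
    ssh -p "$port" "$host" "sudo tcpdump -i $iface -U -s0 -w - '$filter'" \
        | wireshark -k -i -
}

# Usage (placeholders):
#   remote_capture admin@gateway.example eth0 203.0.113.5 22 'port 53'
```

If you only want a file rather than a live view, replace `wireshark -k -i -` with `cat > remote.pcap` and open it later; the filter logic stays the same.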
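For the "decrypt TLS" trick above, the key-log route is the one that works for TLS 1.3. As an added example (not from this wiki), this script captures one HTTPS request while the client writes its secrets to a key log, sanity-checks the log, and then decodes the capture with tshark. It assumes curl and tshark are installed; the URL and file names are placeholders.

```shell
#!/bin/sh
# Added example, not from the wiki: decrypting TLS with a key log instead of
# the server's private key (the only option for TLS 1.3 and (EC)DHE suites).
# Hypothetical assumptions: curl and tshark are installed; paths and the URL
# are placeholders.

# Capture one HTTPS exchange while the client appends its session secrets to
# $3. curl, Firefox and Chrome all honour the SSLKEYLOGFILE environment
# variable; the server never sees or needs the file.
tls_capture() {
    url="$1"; pcap="$2"; keylog="$3"
    tshark -i any -f 'tcp port 443' -w "$pcap" &   # capture in the background
    tpid=$!
    sleep 1                                         # give tshark time to start
    SSLKEYLOGFILE="$keylog" curl -s -o /dev/null "$url"
    sleep 1
    kill "$tpid"; wait "$tpid" 2>/dev/null
}

# Check the log before blaming Wireshark. A usable log has one line per secret:
#   <LABEL> <client random, 64 hex chars> <secret, hex>
# TLS 1.2 sessions give CLIENT_RANDOM lines; TLS 1.3 gives the per-direction
# *_HANDSHAKE_TRAFFIC_SECRET / *_TRAFFIC_SECRET_0 lines (plus EXPORTER_SECRET
# and, with 0-RTT, CLIENT_EARLY_TRAFFIC_SECRET). Comments and junk are ignored.
# Prints the number of well-formed lines (0 means nothing will decrypt).
keylog_entries() {
    grep -Ec '^(CLIENT_RANDOM|(CLIENT|SERVER)_(HANDSHAKE_TRAFFIC_SECRET|TRAFFIC_SECRET_0)|EXPORTER_SECRET|CLIENT_EARLY_TRAFFIC_SECRET) [0-9a-fA-F]{64} [0-9a-fA-F]+$' "$1" || true
}

# Decode the capture with the key log applied (same setting as the GUI's
# "(Pre)-Master-Secret log filename") and list the decrypted HTTP requests.
tls_decode() {
    tshark -r "$1" -o "tls.keylog_file:$2" -Y 'http.request or http2.headers' \
           -T fields -e frame.number -e http.request.full_uri -e http2.headers.path
}

# Usage (placeholders):
#   tls_capture https://example.test/ cap.pcap keys.log
#   keylog_entries keys.log
#   tls_decode cap.pcap keys.log
```

If `keylog_entries` reports 0, the client was not honouring SSLKEYLOGFILE (for example a curl linked against a TLS library that ignores it), and no Wireshark setting will help until the log is populated.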