Abertay Ethical Hacking Society
  • Home
  • Information
    • Constitution
    • Change Logs
      • Website
      • Discord
      • Github
      • Server
    • Meetings
      • 2021-2022
    • Honourary Members
  • Contributing
    • Contributions
      • Using Git
      • Formatting and Best Practise
  • Society Events
    • Securi-Tay
      • History
  • Help Guides
    • Programming / Scripting
      • AWK
      • Bash Scripting
      • C Coding
      • Java Coding
      • LaTeX
      • Markdown
      • Project Ideas
      • Python Scripting
      • Tools
    • Software
      • Operating Systems
        • Installing Arch
        • Installing Kali
        • Linux Commands for Beginners
        • MacOS
      • Tools
        • PGP
          • A guide to using PGP on Android
          • A guide to using PGP on macOS
          • PGP
        • Radare2
        • Nmap
        • Regular Expressions
        • The Browser Exploitation Framework (BeEF)
        • Vim
        • Vimium
        • Zsh
    • Networking
      • Domain Name System (DNS)
      • Remote access to your Abertay network drive
      • Secure Shell (SSH)
      • TLS 1.3
      • Wireshark
      • Subnetting
    • Techniques
      • A guide to creating malicious macro-enabled Excel worksheets
      • Open Source Intelligence (OSINT)
      • Google-Fu
    • Jobs
      • Common Interview Questions
    • Home Lab
      • PiHole
  • Glossary
    • Infosec Terms
    • Computing Terms
    • Hardware Terms
    • General Terms
    • Development Terms
    • Networking Terms
  • Members
    • Profiles
      • AG
      • Isaac
      • Sam
  • Other
    • Other
      • Data Dumps
      • Meetups
      • Meltdown & Spectre
      • Movies
      • Project topic suggestions
      • Recommended Reading
Powered by GitBook
On this page
  • basic usage
  • slightly advanced tricks
  • SSHdump

Was this helpful?

  1. Help Guides
  2. Networking

Wireshark

PreviousTLS 1.3NextSubnetting

Last updated 3 years ago

Was this helpful?

Wireshark is a network traffic monitoring tool.

basic usage

This is covered really well here

slightly advanced tricks

  • add any field as a custom column (or you can do it from prefs)

  • add geoip db and then go to Statistics > Endpoints and you can see the IPs plotted out on a map

  • decrypt tls by importing the cert

  • decrypt WPA encrypted wifi

SSHdump

You can capture packets from an interface on a remote machine using SSH and tcpdump.

On Mac/Ubuntu this is built into Wireshark by default and you can select it as an option from the capture interface screen. (I think on Windows there's a plugin. Go find out and update this wiki!)

You just give it the SSH details and it runs tcpdump on the remote machine.

FIXME