Ethical Hacking and Threat Hunting using Wireshark

Learn Wireshark to detect malicious traffic in the enterprise network using various Threat hunting techniques.
Rating: 4.3 out of 5 (15 ratings)
2,471 students
English
English [Auto]
You'll learn to use Wireshark for detecting malicious files and suspicious network traffic.
You'll learn to detect Indicators of Compromise.
You'll learn to perform security forensics based on Wireshark files.

Requirements

  • Basic Computer knowledge

Description

Threat hunting is the practice of proactively searching for cyber threats that are lurking undetected in a network. Cyber threat hunting digs deep to find malicious actors in your environment that have slipped past your initial endpoint security defenses.

In this course, you'll learn to use the Wireshark tool for threat hunting in an enterprise network. While there are a number of great resources available about what hunting is and how it can assist you, it might be challenging to cross over from the realm of the theoretical into the practical. As any hunter will tell you, orientation and planning are among the critical aspects of effective threat hunting. This guide will help you orient and plan by laying out some basic tips and instructions on how to direct your hunting activities. It will also give you direction on how to practically carry them out using a variety of hunting techniques.

Threat hunting has been around for a while, but it has only recently become a focus of modern enterprise Security Operations Centers (SOCs). Hunting can revolutionize the threat detection efforts of an organization, and many have already recognized that proactive hunting needs to play a role in their overall detection practices (a common mantra one often hears is “prevention is ideal but detection is a must”). According to a recent survey on threat hunting conducted by the SANS Institute, 91% of organizations report improvements in speed and accuracy of response due to threat hunting. It’s clearly worth your time, but it’s also worth knowing what exactly you’re investing in. Before going any further, let’s take a look at 3 common myths about hunting that will help clarify what it is.

Section 1: Introduction

Section 2: Getting started with Wireshark

Section 3: Threat Hunting

Who this course is for:

  • Security analysts who want to perform threat hunting.
  • Forensics engineers who want to perform root cause analysis of cyber attacks such as ransomware, data breaches and malware attacks.

Course content

3 sections • 13 lectures • 1h 30m total length
  • Introduction to Wireshark and basic tour
    05:34
  • Wireshark Interfaces
    05:16
  • How TCP/IP works
    11:27
  • Encapsulation Explained
    02:13

Instructor

Principal Consultant, CISA, CPISI, CDPO-GDPR & Author
Rajneesh Gupta
  • 4.2 Instructor Rating
  • 187 Reviews
  • 16,965 Students
  • 5 Courses

9 assertive years in information security have led me to do one thing: Build InfoSec solutions that actually work.

He has worked with organizations such as HP Enterprise, Alcatel-Lucent and Reliance Communications.

He is currently working as Principal Consultant at Tesseract Global and helps businesses make security possible by enabling visibility, engagement, and leadership.

Diverse security leadership experience, including roles in operations, system integration, security architecture, project management, identity and access management, business continuity planning, IT risk management and information security.

He has delivered multiple assignments on Cyber Security, Payments, PCI DSS, SSAE16, ISO20000, BS25999, ISO 27001, Secure Architecture Design & Solution Implementation, IT Security & Risk Management, IT Audit, Advisory & Assurance and Business Process & Controls Improvement for enterprises in the United States, Singapore, India, UAE & UK.