Wireshark: The Art of Sniffing - Complete Crash Course

How to use the Sniffer #1 in the World in different real scenarios and get paid more! Theory & Practice + V.2 INFO!
4.3 (12 ratings)
93 students enrolled
  • Lectures 58
  • Length 4 hours
  • Skill Level All Levels
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion

About This Course

Published 10/2015 English

Course Description

UPDATED: + Includes information about Wireshark version 2!
Complete Wireshark® Crash Course that will help You use the Sniffer #1 in the World in different Real Scenarios!

Dear student, in a short time you'll be able to use Wireshark® - the Sniffer #1 in the World - in many ways!

This Complete Course covers many Sniffing topics and includes a lot of practice:

  • For Ethical Hacking Beginners I'm overviewing MITM-attacks like ARP Spoofing and methods to Hide & Detect a Sniffer
  • For Beginners in Networking I'm covering the Networking basics - from the OSI model and VLANs to Port Mirroring and Passive Sniffing
  • For Network Admins there are Useful Topics which will help Troubleshoot the Network, visualize and compare the Traffic Flows and carry out Remote Capturing
  • I'll also explain to You how to make Receive-Only UTP cables and Passive Network Taps
  • If You never installed Wireshark there are Full Wireshark® Installation Tutorials
  • In this course I'm reviewing the most used classic Wireshark® (v.1) that is very stable
  • I'm also reviewing some changes in NEW Wireshark® version 2
  • There are also various Labs, Cheat Sheets & Quizzes

As I appreciate Your time, my lessons are concise and clear - You'll need only 5 minutes

At the end of this Crash Course You'll be able to capture traffic, export it in different ways, analyze frames, be aware of the varieties of options to perform Man-In-The-Middle attacks and sniff traffic invisibly, detect an active Sniffer, and even hear and analyze VoIP-calls!

You'll like it - let's begin!

What are the requirements?

  • Basic knowledge of networking like what is an IP-address
  • A computer with Windows, Linux or Mac OS X

What am I going to get from this course?

  • Use Wireshark like a champ
  • Make Receive-Only UTP cables and Passive Network Taps
  • Recover passwords from the traffic and analyze VoIP calls
  • Simulate Man-In-The-Middle attacks (MITM)
  • Understand the ins and outs of Sniffing
  • Detect sniffers in many ways
  • Use Regular Expressions
  • Decrypt Wireless traffic
  • Understand the OSI-model
  • Use Wireshark to create firewall rules
  • Securely use a remote server as a sniffer
  • Compare various traffic flows using graphs
  • Capture and Analyze the traffic using various filters
  • Extract files from the captured network traffic
  • ...and much-much more!

Who is the target audience?

  • Everyone who wants to learn Wireshark & GET PROMOTED
  • Network/System Administrators
  • Beginners in Ethical Hacking who want to learn Networking aspects of Sniffing
  • The users of GNS3
  • This course is NOT about the details of traffic analysis of the specific protocols
  • This course is NOT about in-depth security and ethical hacking methods; it shows the main principles of Sniffing attacks, demonstrates their dangers, and points out the Mitigation techniques


Section 1: Wireshark basics
What is Wireshark and why it is the main software piece of this course

Please read this before using Wireshark!


How to install Wireshark on Windows


How to quickly and correctly install Wireshark on Ubuntu (or on any other Debian-based Linux).

This method also works for Raspbian.

How to install Wireshark on Mac OS X
Additional Info about the installation on OS X & Linux/Unix

Quick overview of the capture process;
Basic operations - start/stop the capturing process, save the capture


Quick overview of Main Menu & more details about the Packet Capture setup


Quick overview of the Toolbars and Panes

Section 2: Networking of Sniffing: Crash Theory & Practice

The OSI model is the must-know for every system/network admin

Learn the difference between a Hub, a Switch and a Router

Network Concepts that determine the "borders" of Sniffing


Learn how to mirror traffic by using a Managed Switch

Learn the difference between various sniffing types as well as "invisible sniffing" methods

Secure vs. Insecure protocols - What is the difference


One of the still-used and popular weak protocols is Telnet.
See how easy it is to view the whole communication, including passwords etc.

Learn what a tap is, which tap types exist nowadays, and how to make your own FastEthernet passive tap

NIC modes that break the "normal rules"


Where should one place a sniffer

8 questions
Section 3: Sniffing attacks: Crash Theory & Practice
Various options to prepare your computer for the next labs

The fastest way to get Kali Linux up and running in the virtual environment


This attack can turn a switch into a hub

The most popular MITM-attack
The insidious Wireless MITM-attack that is very hard to detect

DHCP Starvation & DHCP Rogue Server - theory


DHCP Starvation & DHCP Rogue Server - practice


How an attacker can change the websites that a user browses


How to intercept the traffic that is to be encrypted by SSL


SSL Hijacking practice - Simulation: sniffing Facebook test-user credentials

4 questions
Section 4: Work with Traffic
The core feature of almost every advanced sniffer, which turns binary data into protocol fields

How to capture only the interesting traffic. Theory and practice.

1 page

Capture Filters cheat sheet - it will help you create the right Capture Filter in Wireshark


How to display only the interesting traffic. Theory and practice.

Common mistakes in creating a Display filter
1 page

Display Filters cheat sheet - it will help you create the right Display Filter in Wireshark

1 page

Regular Expressions cheat sheet - it will help you find the specified string using Display Filters


How to export data as the specified packets


How to export data as the packet dissections, specified bytes and SSL keys


Learn how to reassemble the files from HTTP and FTP


Traffic samples that can help you e.g. to learn protocols etc.

4 questions
Section 5: Wireshark Customization
Useful Wireshark info that will help you to work more efficiently

Name Resolution in Wireshark - MAC addresses & Transport protocol ports


Name Resolution on L3


Customize the coloring rules

Section 6: Wireshark version 2 vs. classic version 1
How to install Wireshark version 2 (Windows example)
Wireshark version 2 vs. version 1 : Quick Review of New Features
Section 7: Advanced topics for Admins

Useful hints that can indicate the potential network problems


One of the cool Wireshark features that allows you to instantly create additional Firewall rules


How to view traffic statistics

Visually compare different traffic types with each other
Section 8: Hide & Detect
"Classical" methods to detect a sniffer, cons and pros

Practice one of the often used "classical" detection methods &
Learn how to effectively detect a sniffer

3 questions
Section 9: Additional Practice

How to carry out a remote secure capture with GUI

Additional Info about the Remote capture on various OS's

Decrypt Wireless traffic using built-in Wireshark features

How to hear IP-telephony calls, visualize and analyze the whole communication
Section 10: Conclusion

Thank you!

Instructor Biography

Timur Mezentsev, Senior Network Engineer, CCNP, CCNA & MCSA-certified

Hello everybody!

I am a Senior Network Engineer, an Information Security Specialist (KFU), CCNP- and CCNA-certified and I also hold some Microsoft certifications.

Working for several years in IT, I have realized that networking is my passion.
Networking is all about connecting people, and I would like to share my knowledge with you to create my new own network.

I speak English, German, Russian, Polish and can understand a lot of other languages, which helps me consider the issues from all sides more quickly.
In my life I have been acting as a student, as a trainer, and as a specialist in the production environment. The skills which I obtained help me make the material clear for everyone.

My style is to be concise to save your time and always to be to the point.
If you want to get a lot of things in no time, please play my preview lessons and you'll see that I'm your guy! 

Let's get started!

Timur Mezentsev

Senior Network Engineer,

CCNP-certified (Cisco Certified Network Professional),
CCNA-certified (Cisco Certified Network Associate),
MCSA-certified (Microsoft Certified Solutions Associate WS2008).
