Wireshark: The Art of Sniffing - Complete Crash Course
4.3 (12 ratings)
110 students enrolled
How to use the Sniffer #1 in the World in different real scenarios and get paid more! Theory & Practice + V.2 INFO!
Created by Timur Mezentsev
Last updated 9/2016
Price: $50
30-Day Money-Back Guarantee
  • 4 hours on-demand video
  • 6 Articles
  • 8 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Use Wireshark like a champ
  • Make Receive-Only UTP cables and Passive Network Taps
  • Recover passwords from the traffic and analyze VoIP calls
  • Simulate Man-In-The-Middle attacks (MITM)
  • Understand the ins and outs of Sniffing
  • Detect sniffers in many ways
  • Use Regular Expressions
  • Decrypt Wireless traffic
  • Understand the OSI-model
  • Use Wireshark to create firewall rules
  • Securely use a remote server as a sniffer
  • Compare various traffic flows using graphs
  • Capture and Analyze the traffic using various filters
  • Extract files from the captured network traffic
  • ...and much-much more!
Requirements
  • Basic knowledge of networking like what is an IP-address
  • A computer with Windows, Linux or Mac OS X

UPDATED: + Includes information about Wireshark version 2!
Complete Wireshark® Crash Course that will help You use the Sniffer #1 in the World in different Real Scenarios!

Dear student, in a short time you'll be able to use Wireshark® - the Sniffer #1 in the World - in many ways!

This Complete Course covers many Sniffing topics and includes a lot of practice:

  • For Ethical Hacking Beginners I'm overviewing MITM-attacks like ARP Spoofing and methods to Hide & Detect a Sniffer
  • For Beginners in Networking I'm covering the Networking basics - from the OSI model and VLANs to Port Mirroring and Passive Sniffing
  • For Network Admins there are Useful Topics which will help Troubleshoot the Network, visualize and compare the Traffic Flows and carry out Remote Capturing
  • I'll also explain to You how to make Receive-Only UTP cables and Passive Network Taps
  • If You never installed Wireshark there are Full Wireshark® Installation Tutorials
  • In this course I'm reviewing the most used classic Wireshark® (v.1) that is very stable
  • I'm also reviewing some changes in NEW Wireshark® version 2
  • There are also various Labs, Cheat Sheets & Quizzes

As I appreciate Your time, my lessons are concise and clear - You'll need only 5 minutes

At the end of this Crash Course You'll be able to capture traffic, export it in different ways, analyze frames, be aware of the varieties of options to perform Man-In-The-Middle attacks and sniff traffic invisibly, detect an active Sniffer, and even hear and analyze VoIP-calls!

You'll like it - let's begin!

Who is the target audience?
  • Everyone who wants to learn Wireshark & GET PROMOTED
  • Network/System Administrators
  • Beginners in Ethical Hacking who want to learn Networking aspects of Sniffing
  • The users of GNS3
  • This course is NOT about the details of traffic analysis of the specific protocols
  • This course is NOT about in-depth security and ethical hacking methods; it shows the main principles of Sniffing attacks, demonstrates their dangers and points out the Mitigation techniques
Curriculum For This Course
58 Lectures
Wireshark basics
9 Lectures 27:01
What is Wireshark and why it is the main software piece of this course
Preview 03:14

Please read this before using Wireshark!

Preview 00:42

How to install Wireshark on Windows

Preview 02:13

How to quickly and correctly install Wireshark on Ubuntu (or on any other Debian-based Linux).

This method also works for Raspbian.

Preview 03:08

How to install Wireshark on Mac OS X
Installation on Mac OS X

Additional Info about the installation on OS X & Linux/Unix

Quick overview of the capture process;
Basic operations - start/stop the capturing process, save the capture

Wireshark basics - part 1: Capture & Save the Traffic

Quick overview of Main Menu & more details about the Packet Capture setup

Wireshark basics - part 2: Main Menu

Quick overview of the Toolbars and Panes

Wireshark basics - part 3: Toolbars & Panes
Networking of Sniffing: Crash Theory & Practice
11 Lectures 48:40

The OSI model is a must-know for every system/network admin

Preview 05:16

The OSI model is a must-know for every system/network admin
OSI Model - part 2

Learn the difference between a Hub, a Switch and a Router
Hubs, Switches & Routers - overview

Network concepts that determine the "borders" of Sniffing

Collision and Broadcast domains, VLANs

Learn how to mirror traffic by using a Managed Switch

Port Mirroring: SPAN & RSPAN

Learn the difference between various sniffing types as well as "invisible sniffing" methods
Active, Passive and Totally Passive Sniffing

Secure vs. Insecure protocols - What is the difference

Preview 00:31

One of the weak protocols that is still popular and in use is Telnet.
See how easy it is to view the whole communication, including passwords.

Preview 03:39

Learn what a tap is, which tap types exist nowadays, and how to make your own FastEthernet passive tap
TAPs - theory & how to build a Passive Tap (+ schemes)

NIC modes that break the "normal rules"

Promiscuous mode & Monitor mode

Where should one place a sniffer

Place of a Sniffer

8 questions
Sniffing attacks: Crash Theory & Practice
10 Lectures 51:23
Various options to prepare your computer for the next labs
Prepare for Labs - 3 ways

The fastest way to get Kali Linux up and running in the virtual environment

How to run Kali Linux in VirtualBox

This attack can turn a switch into a hub

MAC Flooding - theory & practice

The most popular MITM-attack
ARP Spoofing - theory & practice

The insidious Wireless MITM-attack that is very hard to detect
Fake AP - overview

DHCP Starvation & DHCP Rogue Server - theory

DHCP attacks - part 1, theory

DHCP Starvation & DHCP Rogue Server - practice

DHCP attacks - part 2, practice

How an attacker can change the websites that a user browses

DNS Spoofing - theory & practice

How to intercept the traffic that is to be encrypted by SSL

SSL Hijacking - part 1, theory

SSL Hijacking practice - Simulation: sniffing Facebook test-user credentials

SSL Hijacking - part 2, practice

4 questions
Work with Traffic
11 Lectures 37:33
The core feature of almost every advanced sniffer, which turns binary data into protocol fields

How to capture only the interesting traffic. Theory and practice.

Capture filters

Capture Filters cheat sheet - it will help you create the right Capture Filter in Wireshark

Capture Filters - cheat sheet
1 page

How to display only the interesting traffic. Theory and practice.

Display filters

Common mistakes in creating a Display filter

Display Filters cheat sheet - it will help you create the right Display Filter in Wireshark

Preview 1 page

Regular Expressions cheat sheet - it will help you find the specified string using Display Filters

Regular Expressions - cheat sheet
1 page

How to export data as the specified packets

Export data - part 1: specified packets

How to export data as the packet dissections, specified bytes and SSL keys

Export data - part 2: packet dissections, bytes, SSL keys

Learn how to reassemble the files from HTTP and FTP

Export data - part 3: reassembling files from HTTP & FTP

Traffic samples that can help you e.g. to learn protocols etc.

Traffic samples

4 questions
Wireshark Customization
4 Lectures 23:59
Useful Wireshark info that will help you to work more efficiently
Profiles & Customization

Name Resolution in Wireshark - MAC addresses & Transport protocol ports

Name Resolution - part 1 (L2, L4)

Name Resolution on L3

Name Resolution - part 2 (L3)

Customize the coloring rules

Packet Colorization
Wireshark version 2 vs. classic version 1
2 Lectures 09:41
How to install Wireshark version 2 (Windows example)

Wireshark version 2 vs. version 1 : Quick Review of New Features
Advanced topics for Admins
4 Lectures 17:16

Useful hints that can indicate the potential network problems

Expert Info

One of the cool Wireshark features that allows you to instantly create additional Firewall rules

Firewall ACL Rules creation with Wireshark

How to view traffic statistics


Visually compare different traffic types with each other
Input/Output Graphs
Hide & Detect
2 Lectures 13:12
"Classical" methods to detect a sniffer, cons and pros
Hide & Detect - 1 (Classical anti-sniffing tests, theory)

Practice one of the often used "classical" detection methods &
Learn how to effectively detect a sniffer

Hide & Detect - 2 (ARP test & effective detection ways)

3 questions
Additional Practice
4 Lectures 16:14

How to carry out a remote secure capture with GUI

Remote capture on Raspberry Pi 2 or any Linux computer

Additional Info about the Remote capture on various OS's

Decrypt Wireless traffic using built-in Wireshark features

How to decrypt 802.11 traffic with Wireshark

How to hear IP-telephony calls, visualize and analyze the whole communication
Hear & analyze VoIP-calls
1 Lecture 01:02

Thank you!

Thank you!
About the Instructor
Timur Mezentsev
4.2 Average rating
12 Reviews
110 Students
1 Course
Senior Network Engineer, CCNP, CCNA & MCSA-certified

Hello everybody!

I am a Senior Network Engineer, an Information Security Specialist (KFU), CCNP- and CCNA-certified and I also hold some Microsoft certifications.

Working for several years in IT, I have realized that networking is my passion.
Networking is all about connecting people, and I would like to share my knowledge with you to create my new own network.

I speak English, German, Russian, Polish and can understand a lot of other languages, which helps me consider the issues from all sides more quickly.
In my life I have been acting as a student, as a trainer, and as a specialist in the production environment. The skills which I obtained help me make the material clear for everyone.

My style is to be concise to save your time and always to be to the point.
If you want to get a lot of things in no time, please play my preview lessons and you'll see that I'm your guy! 

Let's get started!

Timur Mezentsev

Senior Network Engineer,

CCNP-certified (Cisco Certified Network Professional),
CCNA-certified (Cisco Certified Network Associate),
MCSA-certified (Microsoft Certified Solutions Associate WS2008).