Wireshark in 60 minutes - video course
3.7 (39 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
882 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Wireshark in 60 minutes - video course to your Wishlist.

Add to Wishlist

Wireshark in 60 minutes - video course

Wireshark tutorial - learn one of the most important tool every programmer and network admin should know.
3.7 (39 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
882 students enrolled
Created by Grzegorz Aksamit
Last updated 1/2015
Current price: $10 Original price: $20 Discount: 50% off
1 day left at this price!
30-Day Money-Back Guarantee
  • 1 hour on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Install and configure Wireshark for packet capture on Windows, Mac OS X and Linux
  • Capture network traffic for future analysis
  • Analyse captured network packets
  • Use Wireshark capture filters and display filters
  • Use Wireshark dissectors to analyse popular protocols like HTTP
  • Extract files from captured network traffic
View Curriculum
  • Basic knowledge of networking is necessary to reap the full benefits of this course. If you know what IP address, HTTP or UDP are you'll be fine.

Wireshark is the most powerful network analysis tool every coder should know. After you learn it it'll become one of the most important application in your toolbox.

If you are ...

  • experienced coder / programmer
  • ... or just learning programming
  • network administrator
  • linux enthusiast
  • interested in security and hacking

... this is the course for you!

I have more than 15 years of experience in programming and reverse engineering and I know how much harder my life would be without tool like Wireshark. That's why I've made this course. If I had such edu resources available when I was learning I could leapfrog to the next level and save a lot of time spent on trial and error.

The course is 19 lectures, 60 min of video content in total. It's pure knowledge, straight to the point, stripped of all unimportant crap.

Students so far rate it at 5 out of 5 stars. I'm confident you will not regret the one hour time investment in this course.

Here's what other students said about this course so far:

  • Elena Seranova ★★★★★: Impressed! This course def. helped me learn a lot about Wireshark!

  • Manuel Kraus ★★★★★: Wireshark is a great tool to analyze and manage your network and this course offers a solid, well-delivered introduction.

  • Yin Yin ★★★★★: Great intro to Wireshark! Good reference for Wireshark and great for new comers. A must have for anyone who really wants to get the most from Wireshark.

  • Mitch Stevens ★★★★★: Very too the point and helpful. The instructor has great knowledge of the course material and does a great job conveying that to the students.

  • Silviu Marisca ★★★★★: This course is brilliant and I truly recommend it

You can read more excellent reviews like that on the bottom of this page.

During this tutorial you'll learn how to use Wireshark sniffer to capture network traffic and then analyse it.

This is beginners course so I'll cover network related terms like TCP and network infrastructure basics.

You will learn how to install and run Wireshark on Windows, Mac OSX and Linux - console only systems.

I'll teach you how to capture network traffic, use capture filters and what is the promiscuous mode. I will also show you how to capture network traffic on remote unix system using command line tool: tshark.

Then, you'll learn captured packets analysis. I will teach you how to use and customize the main Wireshark window, what are dissectors and how are they related to display filters.

You will learn some advanced techniques like extracting files from captured network streams and separating one specific connection from the pcap file.

During the course I will provide you with a lot of external resources where you can learn more about Wireshark and network security in general.

At the very end, as a bonus session, I will show you practical example of capturing a password sent over HTTP connection.

Who is the target audience?
  • This course is for people with interest in network diagnostics, reverse engineering or network security enthusiasts. The course is meant for people with basic knowledge about how networks work.
  • This course is for network administrators willing to understand what is happening on their networks
  • This course is for complete beginners in sniffing network traffic
Students Who Viewed This Course Also Viewed
Curriculum For This Course
Expand All 19 Lectures Collapse All 19 Lectures 45:24
3 Lectures 05:23

I'm glad you've decided to take my course. I have more than 10 years experience in security related subjects including reverse engineering, code audit, exploit writing and network security. I'm confident you'll be very satisfied with what you'll learn from me.

This is my first Udemy course. I'll be more than happy to hear your feedback and ideas for next courses.


Preview 01:02

Just a quick overview of what you'll learn about Wireshark during this course.

Preview 01:17

You should be comfortable with terms like TCP, UDP, HTTP, network interface to fully grasp the knowledge from this course. In this lecture I'll take you through the quick summary of OSI layers model and most important protocols.

Preview 03:04
Installing Wireshark Sniffer
3 Lectures 07:24

Wireshark on Windows requires WinPcap. I'll show you how to get the application ready for next lectures.

Preview 02:00

You'll have to install X11/XQuartz to run Wireshark on Mac OS X and I'll show you exactly how to do that.

Preview 03:04

Most Linux distributions have Wireshark in their package repositories. I'll show you how to install and run Wireshark on Debian, Ubuntu and CentOS.

Preview 02:20
Capturing Network Traffic
4 Lectures 10:33

To know what traffic you can capture on a specific host you have to understand basics of network infrastructure around it. I'll show you most often encountered situations and explain where to run Wireshark to capture the traffic you're interested in.

Considering your network infrastructure

I'll show you the most basic use case for Wireshark - capturing network traffic to and from your own computer. You can use this to analyse and reverse engineer applications running on your computer.

Your first capture

Sniffing traffic on a busy network might get you gigabytes of data in minutes. You'll usually know in front which part of it is interesting for you so the rest is pretty much useless. I'll teach you how to use Wireshark capture filters to collect only those packets that are interesting for you analysis.

Using capture filters

Sometimes it's more convenient to use command line version of Wireshark to capture packets. Especially if you're sniffing on remote hosts like a linux server. In this lecture I'll teach you how to use Wireshark command line tools.

Using tshark - capturing from command line
Analysing Network Traffic
4 Lectures 14:34
The Wireshark window is where you spend most of the time and is composed of four main parts: packet list, packet tree, packet dump and tools.
Working in Wireshark's main window

Dissectors are crucial to understanding how Wireshark works and how to exploit it for your tasks. This is much beyond this course level but I'll tell you why some people code their own dissectors.
What are dissectors

You'll learn what are display filters, how they are different from capture filters and how to use them.
Using display filters

The default Wireshark view is not necessarily the most comfortable. I'll show you some alternative settings that I find more useful.
Customizing the Wireshark window
Advanced features
2 Lectures 03:56
I'll teach you how to separate the connection you're interested in from all the captured packets.
Following TCP conversation

You'll learn how to extract images, documents and other files that were transmitted over the network connection that you've captured.
Extracting files from captured traffic
Final thoughts
2 Lectures 01:48
I'll provide you with some useful links, books and online communities where you can learn much more about Wireshark and network security.
Useful additional resources

I would love to hear from you what would you like to learn in next course. There are lot of related things I can teach you about. Like analysing SSL encrypted traffic or capturing traffic from your iPhone or Android apps.
Thank you! - What to cover next?
1 Lecture 01:46
In this lecture you'll see practical example of using Wireshark to snoop on password sent to non-encrypted website - Linksys router administration page.
Practial Example: Sniffing password sent over HTTP
About the Instructor
Grzegorz Aksamit
3.7 Average rating
39 Reviews
882 Students
1 Course
Entrepreneur, CTO, more than 10 years of experience in IT

Grzegorz Aksamit is an IT professional with over 10 years of experience in security related subjects.

He started in the early 90’ by learning programming on Amiga 500. As a teenager he learned to crack shareware software. Then, Grzegorz became interested in linux and network security, learned how to perform penetration tests and code audit.

He has a lot of successes in discovering and exploiting software vulnerabilities.

In the meantime Grzegorz was working as a programmer. He is fluent in many programming languages including C, C++, Python and Java. He has experience with business intelligence and data warehousing, distributed systems and mobile applications.

Today Grzegorz Aksamit a board member at two IT companies. He is managing teams responsible for network security, programming and big data.