757-216-3656 | Monday–Friday 8:30 AM – 4:30 PM | info@itdojo.com

Course Duration

5 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

Basic knowledge of TCP/IP protocols

Course Description

This hands-on course uses only freely available open-source tools and is beneficial to anyone performing a cyber investigation or vulnerability assessment. It was designed with the law enforcement and military communities specifically in mind, but anyone working in cyber security will benefit. You will learn to use open-source tools from the Kali Linux distribution (kali.org), and both active and passive methods of gathering information on the person(s) or systems of interest. Hands-on labs combined with hardware demonstrations give you numerous opportunities to apply what was learned during the lecture.

Course Outline

Passive Reconnaissance
  • Best practices to capture network traffic on 802.11 wireless, Bluetooth and Ethernet networks. Aircrack-ng, tcpdump and Wireshark will be used. Capture filters will be used to narrow the capture to the scope of the case.
  • Examine 802.11-specific headers as well as the TCP/IP protocol headers
  • Analyze the data using Wireshark, including the statistics and graphing features that can be used to isolate connection patterns
  • Identify ARP spoofing in Wireshark
  • Signature identification and filtering for operating systems and connection establishment with Wireshark
  • Extract executables and images from Wireshark
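The ARP spoofing check above is the one Wireshark performs in its expert info ("Duplicate IP address detected", display filter `arp.duplicate-address-detected`): any IP address claimed by more than one MAC within a capture is suspicious. The script below is an added example, not course material or a tool from the page, that reproduces that logic over a constructed list of ARP replies and emits the equivalent Wireshark display filter for each flagged address. The frame numbers, IPs and MACs are invented sample data.

```python
"""Flag IP addresses claimed by more than one MAC in ARP replies.

Mirrors Wireshark's duplicate-address expert check: the first MAC seen for an
IP is treated as the baseline, and any later reply naming a different MAC for
the same IP raises an alert. Repeats of an already-known pairing are benign.
"""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ArpReply:
    frame: int        # frame number as Wireshark would show it
    sender_ip: str    # arp.src.proto_ipv4
    sender_mac: str   # arp.src.hw_mac


# Constructed sample capture (not real data). Frames 1-3 are normal traffic;
# frame 4 is a second MAC claiming the gateway 192.168.1.1, frame 5 repeats
# that claim, and frame 6 poisons the victim 192.168.1.10 as well.
SAMPLE_REPLIES = [
    ArpReply(1, "192.168.1.1", "00:11:22:33:44:01"),
    ArpReply(2, "192.168.1.10", "00:11:22:33:44:0a"),
    ArpReply(3, "192.168.1.1", "00:11:22:33:44:01"),
    ArpReply(4, "192.168.1.1", "de:ad:be:ef:00:01"),
    ArpReply(5, "192.168.1.1", "de:ad:be:ef:00:01"),
    ArpReply(6, "192.168.1.10", "de:ad:be:ef:00:01"),
]


def find_duplicate_claims(replies):
    """Return (frame, ip, sorted_macs) for each frame that introduces a new
    MAC for an IP that already had a different one."""
    claims = defaultdict(dict)   # ip -> {mac: first frame it was seen in}
    alerts = []
    for r in replies:
        seen = claims[r.sender_ip]
        if r.sender_mac in seen:
            continue             # known pairing; not a new claim
        seen[r.sender_mac] = r.frame
        if len(seen) > 1:
            alerts.append((r.frame, r.sender_ip, sorted(seen)))
    return alerts


def display_filter(ip):
    """Wireshark display filter that isolates all ARP replies for one IP so
    the analyst can see every MAC that claimed it and in which frames."""
    return f"arp.opcode == 2 && arp.src.proto_ipv4 == {ip}"


if __name__ == "__main__":
    for frame, ip, macs in find_duplicate_claims(SAMPLE_REPLIES):
        print(f"frame {frame}: {ip} claimed by {', '.join(macs)}")
        print(f"  filter: {display_filter(ip)}")
```

The first-seen MAC is only a baseline, not proof of legitimacy: if the attacker's reply is captured before the real host answers, the alert still fires but the MACs are reversed in meaning, so confirm against a known-good gateway MAC (switch CAM table or DHCP lease) before acting. Legitimate duplicates also occur during failover (VRRP/HSRP) and after a NIC replacement, which is why the filter is there: look at the frames, not just the count.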
Active Reconnaissance – Wireshark is used throughout to aid understanding of the methods and protocols
  • Best practices to scan an environment using Nmap and Zenmap. From networks down to services on hosts, active scans will be used to gather data.
  • Use a SOCKS proxy and Tor to anonymize traffic scans.
  • Transparently intercept SSL/TLS connections via SSLsplit.
  • Discover the target company’s IP netblocks, domain names and DNS record types via DNSRecon, dnsmap, nslookup and dig.
  • Gather emails, subdomains, hosts, employee names, open ports and banners from public sources such as search engines, PGP key servers and the Shodan device search engine via theHarvester.
  • Search for potentially sensitive data across the network via smbmap. You will list share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands.
  • Locate UPnP devices, consumer-grade access points for example, via Miranda. You will enumerate devices and services and interact with exposed UPnP actions, which on many devices means control over application settings.
  • Build a dossier of websites, RDP services, and open VNC servers with header info and default credentials using EyeWitness.
  • Visualize relationships between the information gathered via CaseFile to create a summary of the data gathered.

Frequently Asked Questions

What does the Advanced Wireshark Training course cover?

This course covers network traffic analysis and packet inspection with Wireshark. IT Dojo delivers it as live instructor-led training with an emphasis on practical skills for government and DoD professionals.

How long is IT Dojo's Advanced Wireshark Training course?

IT Dojo's Advanced Wireshark Training course is 5 days. It is available as live remote online instruction or on-site at your facility. All sessions are instructor-led with small class sizes to ensure individual attention.

Is this course available as live remote online training?

Yes. IT Dojo offers Advanced Wireshark Training as live remote online training. A certified instructor leads the session in real time — students interact via chat or microphone. Classes are kept small (typically no more than 16 students) to ensure engagement. On-site delivery at your government facility or contractor location is also available.

What prerequisites are recommended before this course?

Basic knowledge of TCP/IP protocols.

Does IT Dojo offer this training on-site at government or DoD facilities?

Yes. IT Dojo delivers Advanced Wireshark Training on-site at government agencies, DoD commands, military installations, and contractor facilities. On-site training is ideal for teams of four or more and can be customized to your organization's specific environment and mission requirements. Contact IT Dojo to schedule.

How do I register for this course?

IT Dojo training is employer-sponsored — your organization registers and pays for seats. To schedule Advanced Wireshark Training for your team, contact IT Dojo via the Request Training form or call 757-216-3656. IT Dojo will work with your contracting officer, training coordinator, or program office to set up the course.

Get More Information

We cannot work with the general public. We only work with Government Agencies, Military, government contractors, and corporate clients.