The packets don't lie. You can hide processes or logs, but you cannot hide packets. Malware is a major problem in today's networks. Chris Greer is the Wireshark master. He shows us how to use Wireshark to find malware and suspicious traffic in our networks.
// PCAP download //
Get the pcap here: https://malware-traffic-analysis.net/2020/05/28/index.html
// Websites mentioned //
ja3: https://ja3er.com
If ja3er doesn't work, try this site: https://sslbl.abuse.ch/ja3-fingerprints
Malware Analysis pcaps: https://malware-traffic-analysis.net
// CHRIS GREER //
Wireshark course: https://davidbombal.wiki/chriswireshark
Nmap course: https://davidbombal.wiki/chrisnmap
LinkedIn: https://www.linkedin.com/in/cgreer/
YouTube: https://www.youtube.com/c/ChrisGreer
Twitter: https://twitter.com/packetpioneer
// David SOCIAL //
Discord: https://discord.com/invite/usKSyzb
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/@davidbombal
YouTube: https://www.youtube.com/davidbombal
// MY STUFF //
https://www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]
// MENU //
00:00 - Intro
04:24 - Sharkfest / DEFCON
05:55 - What is Threat Hunting?
07:33 - Why threat hunt with Wireshark?
10:05 - What are IOCs?
10:30 - Why should we care?
12:23 - Packets/PCAPs
18:48 - 'Low hanging fruit'
21:10 - TCP Stream
27:29 - Stream
35:00 - How to know what to look for?
37:49 - JA3 Client Fingerprint
41:25 - ja3er.com
48:08 - Brim
52:20 - TSHARK
58:50 - Large Data Example
01:04:00 - Chris' Course
01:06:20 - Outro
malware
hacking
hacker
wireshark
udp
http
https
quic
tcp
firewall
firewall quic
quic firewall
threat hunting
hack
hackers
blue team
red team
tshark
chris greer
http
https
ssl
nmap
ja3
ja3 ssl
ssl fingerprint
nmap tutorial
defcon
sharkfest
packet analysis
wireshark training
wireshark tutorial
free wireshark training
wireshark tips
wireshark for beginners
wireshark analysis
packet capture
wireshark tutorial kali linux
wireshark course
introduction to wireshark
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#malware #hacking #wireshark