Wireshark Customization Education for Cybersecurity (Code: Wireshark-10)
5 days (10:00-18:00)
Customized education for those who utilize Wireshark for cybersecurity applications
・Basic Wireshark operations
・Advanced Wireshark and CLI usage
・Dissector/post-dissector creation
・Unknown protocol analysis
・Malware analysis, etc.
★Distribution


・Resume material
・CD-ROM
・USB memory
・Ikeriri bag
・Others
Learn the latest advanced Wireshark tips and techniques that can be used in practice.
・Catch up to the latest version of Wireshark
・Advanced Wireshark customization tips
・Application of display filters and capture filters
・tshark/mergecap/editcap/dumpcap, etc.
・Batch processing and JSON processing by CLI
・Latest TCP (Fast Open, Compound TCP, etc.)
We will introduce debugging techniques, such as dump analysis for each protocol and trend analysis.
Learn programming in Wireshark, including the Lua script specifications used in Wireshark's dissectors and listeners. Learn how to write plugins such as dissectors and listeners, add functions to Wireshark, and analyze unknown protocols. Create a post-dissector/dissector.
Using Wireshark, a LAN analyzer, we will analyze the operation and behavior of malware, as well as introduce methods for collecting information, discovering root causes, and creating incident reports. *We will use capture files (trace files) from overseas Wireshark developer conferences, etc.
Based on these, we will be able to analyze unknown protocols.
Days 1 and 2
・Wireshark-1 Introduction to packet capture and trend analysis with Wireshark
・Wireshark-9 Application of packet capture and trend analysis with Wireshark
Day 3 Lua-1 Wireshark customization with Lua script and introduction to dissectors
Day 4 Malware-1 Malware analysis by packet capture
Day 5 Unknown protocol analysis/deciphering