Wireshark - Malware traffic Analysis

Hack eXPlorer September 14, 2019

About

We explore the tools, techniques and concepts used in the cybersecurity world.

Video Description

Packet analysis is one of the important skills that a security professional should master. Today we will be using the world's leading network traffic analyzer, Wireshark, for malware traffic analysis. Wireshark is a popular network protocol analyzer tool that enables you to gain visibility into the live data on a network. It's a free and open-source tool that runs on multiple platforms.

🌏 Web Site: http://hackexplorer.net/
💾 Sample files in video: https://github.com/HackeXPlorer/Channel-Resources

TimeStamps
0:00 Introduction
0:35 Wireshark quick intro
0:46 What are IOCs?
1:35 Wireshark interface
2:38 Protocol Hierarchy - Understand traffic
3:56 Using filters
4:38 Adding columns to the interface (HTTP destination)
5:28 Find source and destination port
6:58 Finding the infected files downloaded
9:26 Finding hash values of the files
10:06 Using Virustotal
11:43 Find infected website
12:26 Find IP address of the infected site
12:44 Find the MAC address of the infected machine
12:56 Find the Hostname of the infected machine
14:24 Actions on the findings
15:05 More learning - Wireshark 101
15:24 More exercises on www.malware-traffic-analysis.net

Download Wireshark: https://www.wireshark.org/download.html
Download Malware traffic sample: http://www.malware-traffic-analysis.net/2014/11/16/index.html
Main site: http://www.malware-traffic-analysis.net/

HashMyFiles
HashMyFiles is a small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in your system.
Download: https://www.nirsoft.net/utils/hash_my_files.html

Hishan Shouketh 2019
Facebook: https://www.facebook.com/hackexplorer
Twitter: https://twitter.com/Hack_Explorer
Instagram: https://www.instagram.com/hackexplorer/
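Several lookups in the walkthrough (HTTP destination, destination port, IP address of the site, MAC address of the infected machine) read fixed fields of a captured frame. The Python sketch below is an added example, not code from the video or the channel; it pulls those fields from one constructed Ethernet/IPv4/TCP frame, and the addresses, host name and function names are made up for illustration.

```python
import socket
import struct

def build_frame():
    """Constructed sample frame: Ethernet + IPv4 + TCP carrying an HTTP GET."""
    http = b"GET /payload.bin HTTP/1.1\r\nHost: infected.example\r\n\r\n"
    # dst MAC, src MAC (the client), EtherType 0x0800 = IPv4
    eth = bytes.fromhex("001122334455" "66778899aabb" "0800")
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(http), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.168.1.50"), socket.inet_aton("203.0.113.10"))
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return eth + ip + tcp + http

def extract_iocs(frame):
    """Return indicators from one HTTP request frame, or None if it is not one."""
    if len(frame) < 14 + 20 + 20:
        return None                      # too short for Ethernet + IPv4 + TCP
    _dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800 or frame[14] >> 4 != 4 or frame[23] != 6:
        return None                      # only IPv4 carrying TCP is handled
    ihl = (frame[14] & 0x0F) * 4         # IPv4 header length in bytes
    tcp = frame[14 + ihl:]
    if len(tcp) < 20:
        return None
    dport = struct.unpack("!H", tcp[2:4])[0]
    payload = tcp[(tcp[12] >> 4) * 4:]   # skip TCP header including options
    lines = payload.split(b"\r\n")
    request = lines[0].split(b" ")
    if len(request) != 3 or not request[2].startswith(b"HTTP/"):
        return None                      # not the start of an HTTP request
    host = b""
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            host = value.strip()
            break
    return {
        "client_mac": ":".join(f"{b:02x}" for b in src_mac),   # eth.src
        "client_ip": socket.inet_ntoa(frame[26:30]),           # ip.src
        "server_ip": socket.inet_ntoa(frame[30:34]),           # ip.dst
        "server_port": dport,                                  # tcp.dstport
        "http_host": host.decode("ascii", "replace"),          # http.host
        "uri": request[1].decode("ascii", "replace"),          # http.request.uri
    }

if __name__ == "__main__":
    print(extract_iocs(build_frame()))
```

The trailing comments name the Wireshark display-filter fields that hold the same values, so each can be added as a column or used in a filter.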
