Welcome to our course on Network Analysis! We will be teaching you how to effectively use Wireshark and TCPDump for recording network traffic and analysing packet captures. To reinforce everything you’ve learned, we have created a number of PCAPs that you will be analysing with the tools covered in this course. For the final challenge, you will be conducting a security investigation into a network compromise, using a PCAP to uncover the malicious activity.
Below are the practical aspects that are included in this course, giving you a chance to put the knowledge you’ve learned into practice, and gain some hands-on experience.
You are required to analyse 2 PCAPs and answer questions based on the activity that has been recorded, proving your skills using different Wireshark features.
Using TCPDump, the command-line tool, you will be analysing two PCAPs to answer specific questions about the traffic that was captured.
Course challenge: MALICIOUS PCAP INVESTIGATION
You have been given a PCAP which contains recorded malicious network traffic, and your job is to uncover exactly what is happening on the compromised network.
Below is a list of the tools and services that this course will teach you how to use. Some tools or services may be missing from this list, so it should not be treated as a complete index for everything within the course.
- Wireshark (Capturing Traffic)
- Wireshark (Analysing PCAPs)
- TCPDump (Capturing Traffic)
- TCPDump (Analysing PCAPs)
If you complete the final exam, you will be eligible to receive an e-certificate showing that you have completed this course and developed your fundamental network analysis skills! Great for sharing on LinkedIn to showcase your motivation and drive to develop your skills (plus we love hearing from our students!).
All content in this course is Copyrighted by Security Blue Team 2020. Any copying, redistributing, or sharing in any way to non-paying students is an unlawful breach of this copyright, and will result in legal action to claim for damages.