![Chris Greer](/img/default-banner.jpg)
- 111
- 6 423 958
Chris Greer
United States
Приєднався 30 вер 2010
Wireshark can be intimidating. Let's change that.
This channel is about analyzing protocols with Wireshark and other packet shredding tools. These skills are critical for network troubleshooting, Cybersecurity, and all IT roles.
For business inquiries please contact me at packetpioneer(at)gmail.com.
Thank you so much for subscribing and sharing this content!
// WIRESHARK TRAINING //
Udemy Course - Getting Started with Wireshark - bit.ly/udemywireshark
Live Wireshark Training - TCP/IP Deep Dive Analysis with Wireshark - bit.ly/virtualwireshark
This channel is about analyzing protocols with Wireshark and other packet shredding tools. These skills are critical for network troubleshooting, Cybersecurity, and all IT roles.
For business inquiries please contact me at packetpioneer(at)gmail.com.
Thank you so much for subscribing and sharing this content!
// WIRESHARK TRAINING //
Udemy Course - Getting Started with Wireshark - bit.ly/udemywireshark
Live Wireshark Training - TCP/IP Deep Dive Analysis with Wireshark - bit.ly/virtualwireshark
I wish I new this filter SOONER!!
I use this filter all the time to isolate traffic that runs over different TCP ports. You can do the same thing with UDP ports. The membership operator is a fantastic filter to learn with Wireshark!
If you like this content, let me know by subbing!
== More On-Demand Training from Chris ==
▶Getting Started with Wireshark - bit.ly/udemywireshark
▶Getting Started with Nmap - bit.ly/udemynmap
== Live Wireshark Training ==
▶TCP/IP Deep Dive Analysis with Wireshark - bit.ly/virtualwireshark
== Private Wireshark Training ==
Let's get in touch - packetpioneer.com/product/private-virtual-classroom/
== Social ===
LinkedIn - www.linkedin.com/in/cgreer/
X Twitter - packetpioneer
If you like this content, let me know by subbing!
== More On-Demand Training from Chris ==
▶Getting Started with Wireshark - bit.ly/udemywireshark
▶Getting Started with Nmap - bit.ly/udemynmap
== Live Wireshark Training ==
▶TCP/IP Deep Dive Analysis with Wireshark - bit.ly/virtualwireshark
== Private Wireshark Training ==
Let's get in touch - packetpioneer.com/product/private-virtual-classroom/
== Social ===
LinkedIn - www.linkedin.com/in/cgreer/
X Twitter - packetpioneer
Переглядів: 7 282
Відео
Analyze Traffic Faster with Custom Columns!
Переглядів 9 тис.Рік тому
Columns are great in speeding up analysis. But sometimes we add a column that works for some protocols and not others. In this video we will look at how to add a custom column that we can use to quickly see both the UDP and TCP ports in Wireshark. Let's dig! If you like this content, let me know by subbing! More On-Demand Training from Chris ▶Getting Started with Wireshark - bit.ly/udemywiresha...
Getting Started with Nmap - Full Course with @davidbombal!!
Переглядів 16 тис.Рік тому
David Bombal and I teamed up to create an Nmap course that digs deep into the network scans and shows how they work. We learn how to capture the scans with Wireshark to analyze what really happens on the wire. Check it out! bit.ly/udemynmap Don't mean to throw a commercial at you guys but you supporting me this way really helps me keep the channel going, so thank you to all who take the course!...
SPYWARE Analysis with Wireshark - STOLEN LOGINS!
Переглядів 16 тис.Рік тому
In this video we are going to take a look at how Agent Tesla Spyware works. Using an exercise from malware-traffic-analysis.net, we will learn what indicators to look for as this Spyware steals user credentials. Let's dig! Get the pcaps here - malware-traffic-analysis.net/training-exercises.html More On-Demand Training from Chris ▶Getting Started with Wireshark - bit.ly/udemywireshark ▶Getting ...
Hands-On Traffic Analysis with Wireshark - Let's practice!
Переглядів 32 тис.Рік тому
This was a great room - a bit of a challenge, but we are up for it. Let's take a look at what filters we can use to solve this room quickly. tryhackme.com/room/wiresharktrafficanalysis You can also check out my TryHackMe Wireshark Filters room at: tryhackme.com/jr/wiresharkfilters More On-Demand Training from Chris ▶Getting Started with Wireshark - bit.ly/udemywireshark ▶Getting Started with Nm...
How to Start Hacking Websites
Переглядів 11 тис.Рік тому
Watch as Nahamsec shows us how to hack Cisco.com legally. Before going further with a Bug Bounty or red team engagement, we first need to understand the attack surface. Active recon is a way to learn which sites, APIs, or hidden links are accessible. Follow along as Ben shows us how! Like, share, subscribe if you think this is good content! // Links and things // Nahamsec Channel - www.youtube....
The Top 3 Web VULNERABILITIES with Nahamsec
Переглядів 4,3 тис.Рік тому
In this video, Nahamsec tells us the top 3 vulnerabilities he looks for on hacking engagements or bug bounties. Complete with a war story or two! Like, share, subscribe if you think this is good content! // Links and things // Nahamsec Channel - www.youtube.com/@NahamSec Nahamsec Website - nahamsec.com/ Hacker 101 - www.hacker101.com TryHackMe - www.tryhackme.com VulnHub - www.vulnhub.com/ Intr...
How to Use the TCP Completeness Value in Wireshark
Переглядів 11 тис.Рік тому
This field is one that I am looking at more and more in my network and application analysis. The TCP completeness field can help when finding scans, unused connections, or resets. Here is a link to the pcap I use in the video - packetpioneer.com/wp-content/uploads/tcp-completeness-chrisgreer.pcapng.zip Link to the Wireshark TCP Analysis writeup - www.wireshark.org/docs/wsug_html_chunked/ChAdvTC...
Learn Web Hacking with @Nahamsec // Top 3 Skills
Переглядів 6 тис.Рік тому
Web is everywhere. In order to protect it, we need to know how it works, how to find its weaknesses, and what to do if we find one! In this series, Nahamsec himself joins Chris on a journey to learn how to hack websites for vulnerabilities. Whether the goal is to project our own environment, learn Bug Bounty, or sheer interest, web hacking is becoming an important skill to learn and master. Let...
3 Things to Look For in EVERY TCP Handshake
Переглядів 9 тис.Рік тому
What should we look for in any TCP Handshake we see? This video goes into the top three. There are more things, but we will start here. If you like this content, let me know by subbing! More On-Demand Training from Chris ▶Getting Started with Wireshark - bit.ly/udemywireshark ▶Getting Started with Nmap - bit.ly/udemynmap Live Wireshark Training ▶TCP/IP Deep Dive Analysis with Wireshark - bit.ly...
Wireshark Practice - Hands-On
Переглядів 10 тис.Рік тому
Nothing replaces getting practice with Wireshark on your own. Hands-on labs are huge in helping us to build our packet-shredding skillset. In this video we walkthrough the Packet Operations room on TryHackMe. This room is a part of the SOC Analyst 1 path which covers network and packet analysis with a variety of tools including Wireshark. tryhackme.com/room/wiresharkpacketoperations Also, for m...
Can AI Create Wireshark FILTERS? // ChatGPT
Переглядів 12 тис.Рік тому
Can AI Create Wireshark FILTERS? // ChatGPT
TryHackMe Walkthrough // Wireshark Basics Room - SOC Analyst 1
Переглядів 18 тис.Рік тому
TryHackMe Walkthrough // Wireshark Basics Room - SOC Analyst 1
Quick Tip - Analyzing Endpoints in Wireshark
Переглядів 6 тис.Рік тому
Quick Tip - Analyzing Endpoints in Wireshark
Analyzing Conversations - Wireshark QUICK TIP!
Переглядів 9 тис.Рік тому
Analyzing Conversations - Wireshark QUICK TIP!
What's NEW in Wireshark 4.0 // Interview with Gerald Combs - Wireshark Creator
Переглядів 11 тис.Рік тому
What's NEW in Wireshark 4.0 // Interview with Gerald Combs - Wireshark Creator
BUILD a Packet Capture Appliance for $200! Raspberry Pi
Переглядів 18 тис.Рік тому
BUILD a Packet Capture Appliance for $200! Raspberry Pi
Quick filtering with Wireshark - Drag n' DROP!
Переглядів 7 тис.Рік тому
Quick filtering with Wireshark - Drag n' DROP!
TryHackMe WIRESHARK Filters Walkthrough
Переглядів 11 тис.Рік тому
TryHackMe WIRESHARK Filters Walkthrough
Learn Wireshark Filters // TryHackMe Room Overview
Переглядів 5 тис.Рік тому
Learn Wireshark Filters // TryHackMe Room Overview
CHANNEL UPDATE!!! What's coming up???
Переглядів 2,9 тис.Рік тому
CHANNEL UPDATE!!! What's coming up???
How I Passed the Cisco CyberOps Associate Certification // CBROPS 200-201
Переглядів 21 тис.2 роки тому
How I Passed the Cisco CyberOps Associate Certification // CBROPS 200-201
MALWARE Analysis with Wireshark // TRICKBOT Infection
Переглядів 45 тис.2 роки тому
MALWARE Analysis with Wireshark // TRICKBOT Infection
Fix a TCP ZERO Window // TCP Deep Dive with Wireshark
Переглядів 22 тис.2 роки тому
Fix a TCP ZERO Window // TCP Deep Dive with Wireshark
Let's FIX a BROKEN TLS Handshake // with Wireshark
Переглядів 15 тис.2 роки тому
Let's FIX a BROKEN TLS Handshake // with Wireshark
FIVE COMMON MISTAKES when using Wireshark
Переглядів 28 тис.2 роки тому
FIVE COMMON MISTAKES when using Wireshark
The Top 15 Network Protocols and Ports Explained // FTP, SSH, DNS, DHCP, HTTP, SMTP, TCP/IP
Переглядів 86 тис.2 роки тому
The Top 15 Network Protocols and Ports Explained // FTP, SSH, DNS, DHCP, HTTP, SMTP, TCP/IP
it works on LAN too? or only works via wifi?
But what is the significance of it
Interesting...
just pushed subscribe before 30 secs this is my first videos ❤❤❤
Thank you for the content, and for letting kitty participate!
liked it
Thank you Chris for sharing your knowledge.
Long introduction.
Excellent video by the Chris!!!
These are excellent contents, Chris. I'd like to know more about TCP Optimization.
Hi Chris, thanks foe the nice and informative video, watched it couple of times and using it as a reference. I have a question which I couldn't find any answer for that. What does "windows scaling factor -1 [unknown] means and is it a problem ? Thanks in advance.
It’s one thing to simple push buttons and watch “stuff” happen, but in the legal world (criminal and civil), you may very well be called to testify to the veracity of the “evidence” you discovered. If you lack experience and don’t understand what is going on “under the hood”, prepare to be made to look like a bumbling fool. Your evidence will be easily suppressed. So, yeah you need to know more than pushing buttons and typing commands and stating “well that’s what I was taught to do, but I don’t know what any of it really means or how it works.”
AND, the better you know how to hack, the better you will be at troubleshooting a hacked network! In my humble opinion, you will not be a good network security person if you don’t know how to hack.
what is the relation between window size and mss? i.e. if we have a window size of 65535 and a capacity of 1460mss, does it mean we can receive almost 45 tcp segments with 1460 bytes in payload each in a row?
Excellent! Thanks,
⭐️👍⭐️
At 6:37, why do we compare UDP to IP, instead of asking "why is quic built on top of UDP instead of TCP". I am confused because IP is a network layer protocol, so obviously it makes more sense to build quic on top of UDP. What do i miss here?
18:16 Instead of Following TCP Stream. Follow HTTP Stream and you will get a hit on artist=1. Excellent well-paced, great explanations and tips in this video. As someone new to Wireshark I have learned a lot and looking forward to learning much more from you.
Good stuff! definitely make more and if possible in your own website and charge a small fees for a certificate of completion 😅
.
this was one of the best explanation videos ever! thanks Chris
.
⭐️👍⭐️
Man your way of explaining things is just absolutely amazing! Great video!
How to decrypt data from HTTPS make a video on this one please
Thank you, brother!!
13:26 how did you know there are repated
Great video Chris, thank you :)
I know this class series is a bit older now, but i wanted to drop a massive thank you just the same. Im stepping up my network game at work which also gappens to be a new company for me too. Ive been able to follow along and also realized how much i already knew, but was able to get fully comfy. On my way to becoming an SME in no time!! Thank you my good sir x a thousand!
Great video
you explain this so well. i am so grateful for you and this channel
when trying to setup a ring buffer and save the files into a folder it says "Ring buffer requested, but capture isn't being saved to a permanent file."
Chris, why client didn't acknowledge packet no. 6 from the server? It only acknowledge packet no. 7?
Thanks, FYI to understand the DHCP flow. I'm new to this technology, If we use the password-enabled AP sometimes the DHCP/PING(ICMP) packets are not showing in the wireshark. I have enabled the decryption keys, but the packets are still not decrypted properly. I have added the key to the 802.11 protocol decryption column "password:ssid". How to get the all the time dhcp, icmp(ping) frames in the wireshark? I have tried two ways 1) I have used the airpcap in windows 2) i have used linux laptop in that i have configured the interface as monitor mode with the default wifi card. Both the ways are not helpful. please correct if i did anything wrong.
I’ve been trying to understand activity done on websites such as something like, what did someone look up on google? Is it possible to see what they searched or is the decryption not that strong?
Get to the point .
Hey chris, I just wanted to know can is possible to capture COM data on wireshark in unix system.????
Chris deserves more subscribers. Contents are great and explained well.
You lost me early.
THANK YOU FOR MAKING THIS VIDEO. I have started my journey in CS and a job I applied to has asked me to extract a pdf file from the PCAP and this helped me so much! THANK YOU
OMG ME TOOO!!!
Was it Nukuo?
@@finance10102 YOOO YES 😂 small world man!
@@finance10102 yes same
Did you follow this step by step and it worked?
Hi Chris you are great and having each classes and seminar wonderful...but I am little bit confused about window size vs acknowledge number as you say acknowledge sent once bytes of packet transferred to other end ...now how can we track particular data from specific window which is lost during communication....pls correct my understanding if I am wrong let's suppose we have window 65535 at both side and mss value is 1460 ...so data can be transferred 1460 bytes in once and assign 1 sequence number which require acknowledge number based on previous sequence number +1
Or you can tell how window size , sequence number and acknowledge number work together....I am very much clear about specific these terminology but confused about you said as acknowledge can given only when whole window data transfer
I'm relatively new to tcp analysis and I have a strange example where the window size green graph seems totally uncorrelated to the other bytes in flight (blue) / acknowledge (brown) graphs which is unlike in your example. Also in the trace I have the bytes in flight are always displayed along the brown graph. What is the explanation to what I'm seeing?
Am I the only one who thinks this tutorial is hard as a beginner🙂
10 out of 10 rating from me. Best explanation ever.
not working but useful information
Sir I want hack some websites kindly help me
The IPs on the endpoints are the ones that someone is hacking me from?
why does the guy on the right have shrek's balls for eyes
You are just awsome.
give us a new link for the log file thanks sir