THM Practice Rooms - https://tryhackme.com/room/wireshark, https://tryhackme.com/room/overpass2hacked
Wireshark Cheat Sheet – Commands, Captures, Filters & Shortcuts
**https://github.com/security-cheatsheet/wireshark-cheatsheet**
Tip for the CEH Practical exam: identify the type of attack from the traffic in your favorite traffic analyzer. #wireshark (Keep in mind what the first D in DDoS stands for: Distributed. That means the traffic must be coming from multiple IPs against one single target IP. It is easy to filter Wireshark on the destination IP to see whether multiple sources are attempting connections to a single IP.)
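The destination-IP check from the tip above, as an added example (not part of the original notes or the linked cheat sheet): it counts how many distinct sources send SYNs to each destination. The function names, the thresholds and the sample rows are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample rows "ip.src,ip.dst", one per TCP SYN without ACK, in the
# form tshark exports with (capture.pcap is a placeholder file name):
#   tshark -r capture.pcap -Y "tcp.flags.syn == 1 && tcp.flags.ack == 0" \
#          -T fields -e ip.src -e ip.dst -E separator=,
SAMPLE_ROWS = (
    ["198.51.100.10,192.0.2.80", "198.51.100.11,192.0.2.80",
     "203.0.113.5,192.0.2.80", "203.0.113.6,192.0.2.80"] * 2  # 4 sources, 8 SYNs
    + ["203.0.113.99,192.0.2.25"] * 6                          # 1 source, 6 SYNs
    + ["198.51.100.10,192.0.2.53", ""]                         # one connection, blank row
)


def syn_fan_in(rows):
    """Return {destination: {source: syn_count}} from "src,dst" rows."""
    table = defaultdict(lambda: defaultdict(int))
    for row in rows:
        parts = row.strip().split(",")
        if len(parts) != 2 or not all(parts):
            continue  # blank row, or a packet with no IPv4 addresses
        src, dst = parts
        table[dst][src] += 1
    return table


def classify(table, min_syns=6, min_sources=3):
    """Label busy destinations by how many sources feed them.

    min_syns and min_sources are illustrative thresholds (assumptions),
    to be tuned to the capture being analysed.
    """
    verdicts = {}
    for dst, sources in table.items():
        if sum(sources.values()) < min_syns:
            continue  # too little traffic to call a flood
        many = len(sources) >= min_sources
        verdicts[dst] = "distributed" if many else "single-source"
    return verdicts


if __name__ == "__main__":
    fan_in = syn_fan_in(SAMPLE_ROWS)
    for dst, verdict in classify(fan_in).items():
        print(dst, verdict, "sources:", len(fan_in[dst]))
```

In Wireshark itself the same view comes from filtering on the destination address and opening Statistics > Conversations to count the distinct source addresses.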
http.request.method == "POST"
→ Applying this filter narrows the view to HTTP POST traffic (helpful for seeing usernames and passwords sent over unencrypted HTTP).
tcp.port == 21
→ View TCP traffic on port 21
tcp.stream eq <Number>
OR right-click a packet, Follow TCP Stream
→ Follows a TCP stream: selects all the packets in the current stream. Number is the number of the stream to follow, and stream numbering starts from 0.
iLabs pg no. 1008