Pcap Analysis & Network Hunting

Creator: Reid Gilman

License: Creative Commons: Attribution, Share-Alike, Non-Commercial


Class Prerequisites: A basic understanding of TCP/IP and OSI model, Python programming experience helps with exercises.

Lab Requirements: tcpdump, Wireshark, and ChopShop. A Linux/BSD/Mac system with these tools installed is recommended (it should already come with tcpdump). Sensitive material is being removed from the lab materials, which will be released soon.

Class Textbook: None

Recommended Class Duration: 2 days

Creator Available to Teach In-Person Classes: Yes

Author Comments:

Introduction to Packet Capture (PCAP) explains the fundamentals of how, where, and why to capture network traffic and what to do with it. This class covers open-source tools like tcpdump, Wireshark, and ChopShop in several lab exercises that reinforce the material. Some of the topics include capturing packets with tcpdump, mining DNS resolutions using only command-line tools, and busting obfuscated protocols. This class will prepare students to tackle common problems and help them begin developing the skills to handle more advanced networking challenges.

Class Materials

Slides (91 slides)

Sanitized lab materials coming soon