Network traffic always proves to be a gold mine when mined with proper tools. There are various open source and paid tools to analyze the traffic, but most of them have predefined functionality, scalability issues, or one of a dozen other problems. And in some cases, when we are dealing with non-standard protocols, the analysis becomes more difficult. But what if we can extend our favorite traffic analysis tool, Wireshark, to accommodate our requirements? As most people know, Wireshark supports custom plugins created in C and Lua, which can be used to analyze or dissect the packets. In this workshop, we will learn the basics of Wireshark plugins and move on to create different types of plugins to perform dissection of non-standard protocols, provide macro statistics, detect attacks, etc. We will use examples of older and newer protocols (including non-standard ones) to understand the plugin workflow and development.
Speaker(s): Jeswin Mathai, Nishant Sharma
Location: Packet Hacking Vlg
Discord: https://discord.com/channels/7082082...42376883306526
Event starts: 2020-08-08 09:00 (09:00 AM) PDT (UTC -07:00)
Event ends: 2020-08-08 11:00 (11:00 AM) PDT (UTC -07:00)
For the most up-to-date information, please either visit https://info.defcon.org, or use HackerTracker, which is available for iOS and Android. This is an automated message, and this data was last modified 2020-07-29T01:18 (UTC).
