Wireshark یک آنالیزگر پکت در شبکه است. یک آنالیزگر پکت، پکت هایی که در شبکه رد وبدل می شوند را به دام انداخته و آنها را مورد پردازش قرار می دهد و در صورت امکان جزئیات آن را نمایش می دهد. در واقع این نرم افزار به طور دقیق آنچه را که از طریق کابل می گذرد را به دام انداخته و مورد برسی قرار می دهد. Wireshark نام جدید برنامه معروف Ethereal است که تا کنون در برخی از دانشگاه ها تدریس می شود.
لينک دانلود کتاب Wireshark for Security Professionals: Using Wireshark and the Metasploit Framework
دانلود – حجم : 13 مگابايت
رمز فايل: technet24.ir
Author: Jeff T. Parker, Jessey Bullock
Length: 288 pages
Publication Date: 2017-03-20
Master Wireshark to solve real-world security problems
If you don’t already use Wireshark for a wide range of information security tasks, you will after this book. Mature and powerful, Wireshark is commonly used to find root cause of challenging network issues. This book extends that power to information security professionals, complete with a downloadable, virtual lab environment.
Wireshark for Security Professionals covers both offensive and defensive concepts that can be applied to essentially any InfoSec role. Whether into network security, malware analysis, intrusion detection, or penetration testing, this book demonstrates Wireshark through relevant and useful examples.
Master Wireshark through both lab scenarios and exercises. Early in the book, a virtual lab environment is provided for the purpose of getting hands-on experience with Wireshark. Wireshark is combined with two popular platforms: Kali, the security-focused Linux distribution, and the Metasploit Framework, the open-source framework for security testing. Lab-based virtual systems generate network traffic for analysis, investigation and demonstration. In addition to following along with the labs you will be challenged with end-of-chapter exercises to expand on covered material.
Lastly, this book explores Wireshark with Lua, the light-weight programming language. Lua allows you to extend and customize Wireshark’s features for your needs as a security professional. Lua source code is available both in the book and online. Lua code and lab source code are available online through GitHub, which the book also introduces. The book’s final two chapters greatly draw on Lua and TShark, the command-line interface of Wireshark.
By the end of the book you will gain the following:
- Master the basics of Wireshark
- Explore the virtual w4sp-lab environment that mimics a real-world network
- Gain experience using the Debian-based Kali OS among other systems
- Understand the technical details behind network attacks
- Execute exploitation and grasp offensive and defensive activities, exploring them through Wireshark
- Employ Lua to extend Wireshark features and create useful scripts
To sum up, the book content, labs and online material, coupled with many referenced sources of PCAP traces, together present a dynamic and robust manual for information security professionals seeking to leverage Wireshark.
Table of Contents
Chapter 1 Introducing Wireshark
Chapter 2 Setting Up the Lab
Chapter 3 The Fundamentals
Chapter 4 Capturing Packets
Chapter 5 Diagnosing Attacks
Chapter 6 Offensive Wireshark
Chapter 7 Decrypting TLS, Capturing USB, Keyloggers, and Network Graphing
Chapter 8 Scripting with Lua