Hacker hunting with Wireshark (even if SSL encrypted!)

Great content and I’m a master barber 💈 and I have been on the edge of my seat from the very beginning to the end so this is how it gets done and it’s been interesting to watch so I’m thinking about doing this as fun 🤩 and like you said a beginner tech guy could get lucky 🍀 so my goal is to understand the hunt. Thanks 🙏 for being your self.

Is this Guy the real Jack Resyder, that is his voice!

Hey'all, anyone figure out the fix for the NPCAP ERROR 0X8007007e (error installing Npcap - unable to run Wireshark)? Thanks in advance. Tifkat

Thank you for your great lecture!! I am a victim of hacking. I can get hacking clue, because David and Chris taught sophisticatid method. I hope you upload further method for hunting hackers!

Thank you for your great lecture!! I and my friends and neighbors have been hacked by a hacking group. I can find a hacking clue, because Chris and David teach sophisticated method. I expect your next great teaching movie for hunting hackers!

Amazing !!

⭐️⭐️

the IP you get its a negative of the IP you talk

A really useful video. Thesis is so powerful and every day is a learning day. Have an anan 8000fle. Glad I have not updated sunsdr2 software form vs2.only thing I miss on thesis is recording band activity and the ability to variably change FM rx bandwidth

👳🏾‍♂️💩

Fun fact: Whilst watching this video I was trying the things myself and I found some malicious looking SSH Traffic - I once opened that port to be able to acces my laptop from the outside and it didn't worked. Turns out - now it works and I was seeing an SSH Bruteforce Attempt on root (which is not allowed to log in anyway). I found that after I discovered that it was incoming SSH Traffic I looked up in the auth.log and indeed - whilst recording this attack has started! So my User uses a safe password. There is another user which was able to login, but as I don't know how secure his password is and he doesn't use it anyway atm and in any foreseeable time I locked that account and if he needs it again I can unlock him (he uses another network, where no ports are open so he'd be safe)...

I am totally new to this field .. Are packets same as discussed in the OSI model? kindly guide

I'm liking that Shark 🦈 stuff man!! I'm actually taking the Google IT support certificate! 😅

I was able to see how insecure smb was over network connections when I was new in IT

I laugh when I see nerds like this talking about it as if they understand it properly when even with studying they still fail to understand basics. The very fact they have to use an App indicates they have zero clue what they are looking for and the types of behaviors and patterns associated. The app does all the work, not the user. One of the biggest shortfalls of this app is the fact that at enterprise level this type of scanning can actually be done in real-time on your proxy(firewall), so why buy a 2nd app? As for not hiding packets, we indeed can. We encrypt the packet to make it unreadable and its data secure or turn it into a pseudo packet (a packet which imitates another app or protocol). All a packet needs is the destination and return address again these can be fake, triggering a relay to redirect.
I've spent my life on the other side of that line. These uni boys just do not get tech the same way us autistic no life hackers do, no matter how much they try to study it. You see where they see knowledge to learn we see method without this pre-existing knowledge as the subject just makes sense naturally to us. IT is one of the few industries where we are able to make the impact that we do. We make their life hell. Ask them..... Im not saying Im smarter than all the uni goers in the IT industry but definitely more than 90% of them. Hacking and protecting is about patterns and protocols, it couldn't be more autistic if you tried. Its like being a math professor next to one of those Chinese math prodigy classes. Whilst the professor may have more actually knowledge it's the maths prodigies with the methods and action.
Furthermore most modern networks will actually restrict all data to specific ports and protocols.

The quality of this video is off the charts! Thank you both for your work.

Interesting, I think I understand to some degree what you are looking for, but what's the 'cure'? How do you get rid of the code/malware?

Love the videos! Can you guys make one that is dedicated to setting up Wireshark profiles?

This is GOLD! Thanks to you both for the extraordinary work you do AND teach!

Thanks to you both for creating such valuable content!

“I’m wearing the wrong color hat” switches to black “alright now let’s go see what’s on this server in china”

Could make a smart box for the average business/ consumer to alert

This video was awesome. Question? When you found that malware threatbot thingy how do you then get rid of it

great video!~

I would love to see more blue team videos.

It's really a superb video, obvious to someone with little experience, clear and audible, really great work, I love this kind of content, many thanks :-). (Addressed to David Bombal and Chris Greer).

Dude acts as if he's a bounty hunter for escaped convicts.

Shoot! I use WireShark at work, but never thought to use that at home to see what's going on. A good reminder of a nice tool.

I love how professionals are both the way they talk and kind of complement each other with their personalities

I learned Wireshark then called Ethereal about 20 years ago. Back bore wireshark either you bought some expensive tool or learned GREP. I would suggest learning GREP a d other bash tools. I worked for a tier 1 provider and had to sift through 40GB files frequently.
For windoze users learn how the logon process works and how the domain controller and active directory system works. Linux users shold learn SAMBA

David's podcasts are always fun, interesting and valuable topic thank you for inspiring to get back to learning about cyber security.

Great content David and Chris

wireshark is great, splunk is superior for threat hunting. id love to see you do some videos on it to share the power of threat hunting in splunk

Crazy story, I had a client who was an insurance agency with about 2 dozen workstations. They had a slow issue. I ended up using wireshark to pin point one of the workstations with a suspiciously high upload traffic. Turns out it was Mcafee Antivirus itself that was infected with malware. I ended up losing that client because I charged them $350 ( a discounted rate) after spending 7 hours on site. The upper manager said “We could have bought a new computer for that price!” The customer is NOT always right. More often, ignorant.

Ngl name "Catbomber" goes hard

I just got into this video with Chris and Brim looks very useful but it looks quite a bit different today than it did in the video - as though it's been completely reworked. I think it would be more useful if the layout and colors of my install would look more like what was demonstrated. Any ideas on how to make this happen or is this a version thing?

wow, that was very interessting. People call me a hacker sometimes only because i know the "anykey" :) After this video i learned i know nothing. Never used wireshark however i am familiar with the programname. Too little time left to learn all the stuff that is out there

Hey its Sean Locke's hacker brother. 😊

Brilliant stuff!!

Microsoft turned its products into money making complex forms of Linux....the best thing to happen to all computer hobbiesists is to actually learn Linux and command line....

Ssl is just a corporate control feature of the super redirector aka control of discovery....just another detractor of discovery....sad...

Wireshark was the main program used for hacking WIFI many years ago.

Awesome video. Thanks Chris and David for putting this out there.

is threat hunter the same as bug bounty??

Sorry bamboo uncle I am in Indian network

Good stuff. This guy Chris Greer is awesome. Thanks, both of you.

This guy sounds quite a bit like Jack Rhysider.... LOL

Using ChatGPT to mine PCAP files might be fun 😊