Continuing down the path of studying for the CompTIA Pentest+, I wanted to team up again with my friend Kiki (the founder of TechSecChix) and do another interactive walkthrough. In the video below, we reviewed and answered the Wireshark room in TryHackMe. Wireshark is one of the most widely used packet analysis tools that engineers and cyber folks use to see what’s really going on in those packets going across the network. We talked about how to install, collect data, and apply filters when looking at captured traffic. We also took some sample packet captures (PCAP) and analyzed ARP, TCP, ICMP, DNS, HTTP, HTTPS, and other types of traffic.
Below I’m going to share with you our answers when going through the knowledge checks in the different tasks in the room. Definitely try to work through the problems as much as you can. The first 6 tasks were strictly reading content, so I’m starting with Task 7 below.
Wireshark Task 7 – ARP Traffic
Wireshark Task 8 – ICMP Traffic
Wireshark Task 10 – DNS Traffic
Wireshark Task 11 – HTTP Traffic
Wireshark Task 12 – HTTPS Traffic
Network Knowledge Wrap Up
Keep an eye out as I continue to work through other TryHackMe CompTIA Pentest+ rooms!
Here is the CompTIA Pentest+ training book bundle I’m using. (Affiliate Link)
TryHackMe Wireshark Room