Practical Packet Analysis Training | Chris Sanders


Hi, I’m Chris Sanders.

One of my earliest computer jobs was as a network administrator for a school district. I was responsible for four thousand computers across ten locations, and the network was an absolute disaster. The equipment was dusty and dying, the server closets were a tangled mess of wires, and nobody had given much of a thought to security.

It’s easy to fire up Wireshark and capture packets…but making sense of them is another story.

There’s nothing more frustrating than knowing the answers you need lie in a mountain of data that you don’t know how to sift through.

That’s why I wrote the first Practical Packet Analysis book a decade ago. That book is now in its third edition, has been translated into several languages, and has sold over 30,000 copies. Now, I’m excited to create an online course based on the book.

The Practical Packet Analysis course is the best way to get hands-on visual experience capturing, dissecting, and making sense of packets.

Practical Packet Analysis IS for you if…

You’ve ever sat at your screen staring at a bunch of packets and felt paralyzed by not knowing what to do next
The only Wireshark trick you know is how to Follow a TCP Stream
You can’t spot things that are abnormal, because you don’t know what normal on your network looks like
You’ve always wanted to be able to prove that the network isn’t why things are running slow
You’ve tried a bunch of different approaches to becoming more comfortable analyzing packets — but haven’t found anything that works for YOU yet!

Whether you’re looking to gain new skills in your current job, or for your next one, know this:

The ability to understand packets is a critical skill for SOC analysts, network engineers, system administrators, forensic investigators, reverse engineers, and programmers alike.

Practical Packet Analysis will help you build those skills through a series of expert-led lectures, scenario-based demonstrations, and hands-on lab exercises.

You’ll learn:

5 techniques for capturing packets in any scenario and how to know which one is appropriate
The life of a packet and how data moves through the network.
How to use packet maps to navigate protocols. I’ll give you color-coded printable maps for all the most common protocols you’ll encounter.
All of Wireshark’s analysis features, including how to create graphs, traverse protocol hierarchy charts, and generate stats that are simple AND useful.
How to manipulate packet timestamps to sync captures taken from different sources and more quickly spot large gaps in sequences of events.
My tips for customizing your analysis environment by using features like Wireshark profiles, custom columns, and individual packet color coding.
Techniques for extracting complete files from network communication via multiple protocols — even custom malware command and control.
How to use tshark and tcpdump to perform packet analysis on the command line.
The basic stimulus and response of common protocols — and how attackers use this to their advantage.
How to approach and dissect these protocols: IPv4, IPv6, TCP, UDP, DHCP, DNS, HTTP, SMTP, and ICMP.
Filtering techniques using Wireshark display filters and BPF capture filters so you can quickly eliminate noise and get to the data you need
A strategy for approaching unknown or undocumented protocols like you might encounter when dealing with malware or custom applications.

Practical Packet Analysis takes a fundamental approach by exploring the concepts you need to know without all the fluff that is normally associated with learning about network protocols.

When I say PRACTICAL, I mean it! Everything you’ll learn is something you can directly apply to the job you have or the job you want.

I’ll be your personal packet sherpa as I guide you through the process of actually dissecting real packet captures as I would do it.

This course is loaded with actual PCAPs that you can download and interact with. Some of the scenarios I’ll guide you through include:

How an attacker at a coffee shop could use HTTP session hijacking to access accounts
An infection chain that starts with an exploit kit and ends with ransomware
The Heartbleed attack and how it takes advantage of an HTTPS flaw
The difference between IPv4 and IPv6
Identifying network latency by examining TCP connection characteristics
ARP cache poisoning as seen from the attacker and victim POV
Troubleshooting IoT device communication
DNS recursion from three different perspectives
A remote access trojan that uses custom command and control to steal data

Practical Packet Analysis includes:

Over 40 hours of demonstration videos. These videos will break down the concepts and skills you need to become adept at packet analysis.

Hands-on labs to help you develop and test your skills. You’ll go through packet captures I’ve created (and some I found in the wild) to develop analytic muscle memory and strengthen the concepts you’ve learned.

Access to our exclusive student-only Slack channel. Here you can ask questions, learn about upcoming courses, network with other students, and communicate directly with AND course authors. It’s a great place to get some help analyzing tricky packet captures you encounter!

Participation in our student charitable profit sharing program. A few times a year we designate a portion of our proceeds for charitable causes. AND students get to take part in nominating charities that are important to them to receive these donations.


