Logo TCP/IP Training
Special LE Courses
IoT Network

Workshop PCAP – Analyzing Encrypted Traffic with Wireshark

Category: Wireshark training
Format: Virtual
The realities of modern traffic analysis require interpreting encrypted network traffic correctly. A detailed knowledge of how key protocols such as HTTP can provide valuable insights into what is happening in a suspect traffic capture. This workshop provides an introduction.. read more below
Virtual
duration: 1 day
class size
English

Courses available

12 mei
- 12 mei 2026
- Virtual
- 9.00 - 16.00
- € 895,00
Sign up now
Request information

The realities of modern traffic analysis require interpreting encrypted network traffic correctly. A detailed knowledge of how key protocols such as HTTP can provide valuable insights into what is happening in a suspect traffic capture. This workshop provides an introduction to techniques for the evaluation of encrypted traffic using open-source tools such as Wireshark to provide insight into the following areas:

– Specialized software configuration and new Wireshark Profiles to make analysis faster

– Encryption techniques, including SSL / TLS / WEP / WPA.x

– Specialized encrypted traffic analysis techniques using Wireshark

– Specialized filtering and Analysis techniques, including data traffic reconstruction and viewing

This workshop is for Networking, Government, and Security personnel who must develop packet investigation techniques to evaluate encrypted network traffic. Completing this workshop provides these individuals a pathway into the Network and Forensics Analysis field.

PCAP (Packet Capture) file is a computer file that stores network packets that are captured while moving data over a network. It acts as a digital record of network traffic, allowing administrators, researchers or security experts to analyze exactly what is happening on a network. PCAP is considered one of the lowest levels of network diagnostics and analysis.
They are used for diagnosing network problems, performance checks, and detecting suspicious or malicious activity (threat hunting). PCAP files contain the “raw” data of network packets, including headers and the payload (the actual contents of the data).
The best known software to open and analyze PCAP files is Wireshark.
Each captured packet in a pcap file is preceded by a header (pcap_sf_pkthdr) that contains information such as the timestamp (when it was captured) and the length of the packet.
PCAP files are essential in cybersecurity for analyzing the precise nature of a network attack, as they can show what signature-based security tools (such as firewalls) sometimes miss.

– Specialized software configuration and new Wireshark Profiles to make analysis faster

– Encryption techniques, including SSL / TLS / WEP / WPA.x

– Specialized encrypted traffic analysis techniques using Wireshark

– Specialized filtering and Analysis techniques, including data traffic reconstruction and viewing

 

Workshop Details:

Introduction and Logistics

Loading the Encryption Analysis Profile

Sample Encrypted Analysis Process

A Key concept: Communication Architectures

 

Introduction to Wired (Ethernet) Encryption – SSL / TLS

1Ethernet Encryption Overview

How Ethernet Encryption works SSL vs. TLS

Securing HTTP: HTTPS

Emerging Trend: Encrypted DNS

Key Fields to Examine

 

Introduction to Wireless (WiFi) Encryption – WEP / WPA / WPA2 / WPA3

WiFi Encryption Overview

How WiFi Encryption works WEP vs. WPA.x

WEP & WPA.x – What Packets Are Encrypted?

Key Fields to Examine

 

Encrypted Analysis Methodologies

Spotting Suspicious Data Flows

Key Wireshark Statistics to Examine

Analysis Aid – A Picture is worth 1024 Words

Key Fields to Examine

 

Recap of Encrypted Analysis

Student qoutes

" I found Phill to be the best teacher, and I learn so much from him. Thank you Phill"

- Paul Broyd

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"It's sure the most interesting course that i have followed"

- Karin van der Plas

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"It was a very very very interesting course, and done by the top guy"

- Matthew Steenwijk

Course:

"It was a real pleasure to receive the Wireshark training from a very dedicated trainer"

- Wim de Vries

Course: Voice & Video over IP Network Analysis

"I thought I already knew Wireshark. I was wrong, very wrong"

- Jeroen Valkonet

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"This course is a must have for everyone in IT"

- Johan den Besten

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"Great for network analyses or forensic investigations"

- Sven Schneider

Course: Masterclass – Advanced Network & Intro to Security Analysis

"By far the very best course I ever took"

- Joachim van Doeselaar

Course: TCP/IP Analysis and Troubleshooting with Wireshark

"If there’s a packet, it can be WireSharked!!"

- Elena Petrova

Course: WiFi & Wireless Network Analysis Using Wireshark

"Extremely satisfied with the training. Very helpful instructor and great teaching methods"

- Lars Mikkelsen

Course: Masterclass – Advanced Network & Intro to Security Analysis

More courses within category Wireshark training

Wireshark Command Line Tools for Troubleshooting

Amsterdam / In-House / Virtual
duration: 5 days
T.B.A.
Network and Forensics Analysis encompasses the skills of capturing data and the ability to discern unusual patterns hidden within seemingly normal network traffic. This course provides the student with an..

WiFi & Wireless Network Analysis Using Wireshark

Virtual
duration: 5 days
T.B.A.
This course is for Networking and Security personnel who must develop packet investigation techniques by studying the WiFi and Wireless Networking Protocols (IEEE 802.11a, b, g, n, ac, ad, az)..

Wireshark Certified Analyst: incl. WCA-101 voucher

Virtual
duration: 5 days
T.B.A.
Wireshark Certified Analyst: WCA, incl. WCA-101 exam voucher € 350,00 Successful completion of the Wireshark Certification certifies that an individual possesses an in-depth knowledge of TCP/IP and network/protocol analysis, troubleshooting communications,..

Cloud-based Network Analysis & Troubleshooting

Amsterdam / In-House / Virtual
duration: 5 days
T.B.A.
This course is for Networking and Security personnel who need to develop a set of packet investigation techniques to support recognition, analysis, and threat recognition for many of the next..

TCP/IP Analysis and Troubleshooting with Wireshark

Virtual
duration: 5 days
T.B.A.
Effective Network TCP/IP Analysis and Optimization encompasses the skills of not only capturing data, but also the ability to discern the key patterns hidden within the flood of network traffic...

Masterclass – Advanced Network & Intro to Security Analysis

Amsterdam / In-House / Virtual
duration: 5 days
T.B.A.
The realities of modern traffic analysis require interpreting encrypted network traffic correctly. A detailed knowledge of how key protocols such as HTTP can provide valuable insights into what is happening..
  • Atoomweg 2
    1627 LE HOORN
    The Netherlands
  • +31 (0)23-5685610
  • info@scos.training

Sign up and register for Workshop PCAP – Analyzing Encrypted Traffic with Wireshark

Choose a course date *
First name *
Last name *
Company *
Country *
Email address *
Phone number
Attendees *
Comment
How did you hear about this course *
A course only takes place if there is sufficient participation.
*
= required

Request information for Workshop PCAP – Analyzing Encrypted Traffic with Wireshark

*
= required

Do you want to request information for more than one course? Click here