These small videos of yours are so fun and informative. I didn't even know you could decode base64 inside Wireshark before 🤯
@vq8gef32 1 year ago
Just adding this side note, I watched the Unit42 Wireshark series, but the way Chris dives into this Wireshark is 360 degree different. This is my opinion but please watch and compare. Thank you so much Chris.
@johnvardy9559 1 year ago
@vq8gef32 What do you mean? Which one is better to understand?
@colinrogers9927 1 year ago
Awesome vid! I am now intrigued enough that I will be analyzing much more malware. Thank you good sir!
@rakeshn5070 1 year ago
Wow Chris. This calls for seriously learning Wireshark. Damn, how people steal logins using malware. Thanks for sharing the video and keep informing us.
@yhytuncer 1 year ago
These malicious pcap traffic analysis videos are awesome!
@ChrisGreer 1 year ago
Glad you like them! I gotta make some more then...
@ScottPlude 1 year ago
1%. That's how much of your Wireshark knowledge I hope to retain some day! Just 1%! Amazing!
@slip6699 1 year ago
I love this content. Every time I learn something new. I have very little experience looking at logs but I'm picking stuff up. Thanks for sharing. I really need to try some of those real world examples. My eyes jumped to the port 80 right away and you basically got everything from smtp instead.
@ChrisGreer 1 year ago
I get it, it's easy to focus on the wrong thing... I do it all the time!
@monh964 1 year ago
Compressed and rich video. Thank you sir ✌️✌️✌️✌️✌️
@TheKhirocks 1 year ago
That base64 decode in Wireshark was a great tip - I've been copy/pasting strings to external websites to do the same 👍
@ChrisGreer 1 year ago
Glad it helped! I was too... until someone showed me that lil' trick.
@majiddehbi9186 1 year ago
Wow Chris, always a good subject and smart analysis, thanks, and keep giving. Just a question: where can I get a Wireshark certificate? Chris, thanks for your help.
@Manavetri 1 year ago
Excellent, I love these kinds of videos with real files! Keep going.
@ChrisGreer 1 year ago
Thanks, will do!
@vq8gef32 1 year ago
Chris, Chris, you are Master Shark! :) Big thank you.
@dbasslock 1 year ago
Learning a ton of information from you, keep it up!
@johnvardy9559 1 year ago
Is all of this stuff included in your course?
@stanleytomasetti1074 1 year ago
please do more of these
@clementyves6154 1 year ago
Very nice video! Thanks.
@Vipinkumarofficial 1 year ago
Hi Chris, after clicking on Follow Stream, I got only binary code, nothing readable. Is there anything I need to do to get readable data?
@vq8gef32 1 year ago
Hi Chris, if we try to open this PCAP file using the Python Scapy library, should we still be careful about it?
@denza2843 1 year ago
ty chris
@justchecking12 1 year ago
Love the content you made, but a question came to my mind at the end. If the SMTP auth process had been done by the user on port 465 with SSL, would we be able to see the base64 encoded username and password?
@ChrisGreer 1 year ago
If it was encrypted over SSL/TLS then no, we wouldn't see the content, nor the base64 encoded username/passwords. To find suspect traffic in encrypted streams we would need to look for strange IP conversations (Which could possibly be spoofed), unusual port numbers, or other unusual conversation patterns. It can get tough these days! But I like showing the unencrypted pcaps because they are much better for learning how the spyware/malware works.
@justchecking12 1 year ago
@ChrisGreer 👍
@MrThumper001 10 months ago
I am not able to download any pcap from this site. Please help
@joerockhead7246 1 year ago
nice. thank you.
@YaserBasaad 1 year ago
Thanks a lot, keep it up
@ChrisGreer 1 year ago
Thanks for the comment!
@tanteckleng5062 1 year ago
👍
@vijay85cisco 1 year ago
Hi bro, in my client-to-server scenario, TCP connections are intermittently getting RESET from the client side after a successful SYN first packet and the SYN+ACK second packet is received at my client machine. Then my client machine sends a sudden RESET to the server instead of completing the 3-way handshake. On analysis, out of 100 TCP connections I can see 25 RESETs from my client machine to the server. I believe something is unusual at my CLIENT machine. I differentiated all successful requests and failed reset requests. There I found that whenever my client machine sent a RESET, on the Wireshark line above it in each stream the received SYN+ACK delta time is above >500ms to 900ms... On all successful TCP requests, the SYN+ACK received delta time on my client side Wireshark shows below >450ms. So I believe my side machine is expecting that the SYN+ACK packet received at my client machine should be below the value of