Hacker hunting with Wireshark (even if SSL encrypted!)

231.5K views • September 9, 2022 • by David Bombal

TL;DR

Learn how to use Wireshark for threat hunting and uncover indicators of compromise, even in encrypted traffic.

Transcript

  • I've been able to find indicators of compromise, strange traffic, threat hunting-style things, while troubleshooting other problems. Things that we weren't even looking for. - There's no way that's legit. Why on earth would you send internal information like that to some random server? - So what protections do we have in place for our outgo...

Questions & Answers

Q: Why is Wireshark a useful tool for threat hunting?

Wireshark allows analysts to capture and analyze network traffic, providing visibility into potential threats, such as indicators of compromise, suspicious traffic patterns, and abnormal behavior. It helps enhance security operations and enables proactive threat hunting.

Q: How can Wireshark be used to detect indicators of compromise?

Wireshark allows analysts to filter and analyze network traffic, facilitating the identification of unusual or potentially malicious patterns, such as abnormal communication protocols, suspicious user agents, and unexpected network connections. By examining packet-level details, analysts gain insights into potential security issues and indicators of compromise.
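One way to apply the checks named in this answer (suspicious user agents, unexpected connections) to Zeek-style HTTP logs of the kind Brim generates from a capture. This is an added example, not from the video or this page; the log lines are constructed, and the field subset, the function names and the `max_clients` threshold are assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in Zeek TSV style (a subset of http.log fields).
SAMPLE_HTTP_LOG = "\n".join([
    "#separator \\x09",
    "#fields\tts\tid.orig_h\tid.resp_h\thost\turi\tuser_agent",
    "1662700001.0\t10.0.0.11\t198.51.100.7\tintranet.example\t/\tMozilla/5.0 (Windows NT 10.0)",
    "1662700002.0\t10.0.0.12\t198.51.100.7\tintranet.example\t/news\tMozilla/5.0 (Windows NT 10.0)",
    "1662700003.0\t10.0.0.13\t198.51.100.9\tupdates.example\t/v1\tMozilla/5.0 (Windows NT 10.0)",
    "1662700004.0\t10.0.0.13\t203.0.113.50\t203.0.113.50:8080\t/upload\tpython-requests/2.28.1",
])

def parse_zeek_tsv(text):
    """Yield one dict per record, taking column names from the #fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            yield dict(zip(fields, line.split("\t")))

def is_ip_literal(host):
    """True when the HTTP Host header is a bare IPv4/IPv6 address, not a name."""
    if host.count(":") == 1:          # drop a :port suffix on an IPv4 host
        host = host.split(":")[0]
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def hunt(text, max_clients=1):
    """Return (rare_user_agents, ip_host_requests) as leads for an analyst."""
    records = list(parse_zeek_tsv(text))
    clients_by_ua = defaultdict(set)
    for r in records:
        clients_by_ua[r["user_agent"]].add(r["id.orig_h"])
    # Least-frequency analysis: user agents used by very few internal clients.
    rare = {ua: sorted(c) for ua, c in clients_by_ua.items() if len(c) <= max_clients}
    # Requests addressed to a raw IP instead of a hostname.
    ip_hosts = [(r["id.orig_h"], r["host"], r["uri"])
                for r in records if is_ip_literal(r["host"])]
    return rare, ip_hosts

if __name__ == "__main__":
    print(hunt(SAMPLE_HTTP_LOG))
```

Both outputs are leads to review in the packet capture, not verdicts: scripted clients and direct-to-IP requests also occur in legitimate traffic.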

Q: Is threat hunting only relevant for experienced cybersecurity professionals?

No, threat hunting is not limited to seasoned cybersecurity professionals. It is a proactive approach to cybersecurity that involves all IT professionals, including network technicians and help desk personnel. By developing an understanding of threat hunting techniques and leveraging tools like Wireshark, individuals at various skill levels can contribute to identifying and mitigating cybersecurity threats.

Q: How important is threat hunting in reducing dwell time?

Threat hunting plays a crucial role in reducing dwell time by enabling organizations to proactively detect and respond to threats before they cause significant damage. By actively searching for indicators of compromise and anomalous network behavior, security teams can identify and neutralize threats more quickly, minimizing the dwell time and reducing the impact of the attacks.

Key Insights:

  • Threat hunting with Wireshark allows organizations to detect indicators of compromise and respond to potential cybersecurity threats.
  • Analysts can leverage Wireshark's packet-level analysis capabilities to identify abnormal network behavior, suspicious traffic patterns, and indicators of compromise.
  • Tools like Brim can complement Wireshark by generating Zeek logs and enabling efficient searching and filtering of security events.
  • Threat hunting is a proactive cybersecurity approach that requires continuous monitoring, analysis of network traffic, and the use of various tools and techniques to detect and mitigate potential threats.
  • Threat hunting is not limited to experienced professionals and can involve all IT personnel, provided they have the necessary training and tools.

Summary & Key Takeaways

  • Wireshark can be used as a tool for threat hunting, allowing analysts to proactively find cybersecurity threats and mitigate them.

  • The course aims to teach users how to analyze network traffic using Wireshark to identify indicators of compromise and detect potential security issues.

  • Threat hunting can help reduce dwell time, the time it takes to detect and respond to an attack, and enhance the overall security posture of an organization.

