Quartz sync: Sep 3, 2024, 4:28 PM

content/PicoCTF/Forensics/Packets Primer.md

@@ -12,7 +12,7 @@ modified: 2024-08-19T15:26:00
 ## Challenge Description
 ![[PicoCTF Packets Primer.png]]
 
-Seems like a typical network forensics challenge. After downloading the pcap file using `wget`, we can use [[WIreshark]] to get the flag. 
+Seems like a typical network forensics challenge. After downloading the pcap file using `wget`, we can use [[Wireshark]] to get the flag. 
 
 ### Wireshark
 ![[PicoCTF Packets Primer 2.png]]

content/PicoCTF/Forensics/PcapPoisoning.md

@@ -18,9 +18,9 @@ After downloading the file, we realise that it is a `pcap` file, as the challeng
 
 >[!success]  We can run `strings <file-name> | grep pico` to get the flag immediately.
 
-Alternatively, we can use [[WIreshark]] for packet analysis.
+Alternatively, we can use [[Wireshark]] for packet analysis.
 
-### Using [[WIreshark]]
+### Using [[Wireshark]]
 
 ![[PicoCTF Pcap Poisoning 3.png]]
 

content/PicoCTF/Forensics/Wireshark Doo Dooo Do Doo....md

@@ -12,16 +12,16 @@ modified: 2024-08-22T21:08:50+08:00
 ## Challenge Description
 
 ![[PicoCTF Wireshark doo dooo do doo... .png]]
-Aha, a [[WIreshark]] challenge. First we download the .`pcapng` file using `wget <link>`. 
+Aha, a [[Wireshark]] challenge. First we download the .`pcapng` file using `wget <link>`. 
 
 >[!important] Wireshark
 > Wireshark is a network analysis tool. 
 > 
-> For more information, refer to [[WIreshark|this page]].
+> For more information, refer to [[Wireshark|this page]].
 ### Finding the flag
 ![[PicoCTF Wireshark doo dooo do doo... 1.5.png]]
 
-After opening the file in [[WIreshark]], I first went to check the Protocol Hierarchy, and decided to use `tcp` as a filter. 
+After opening the file in [[Wireshark]], I first went to check the Protocol Hierarchy, and decided to use `tcp` as a filter. 
 
 >[!question] What is Protocol Hierarchy?
 >Protocol hierarchy in Wireshark is a feature that displays a breakdown of the different protocols

content/PicoCTF/Forensics/shark on a wire 1.md

@@ -18,7 +18,7 @@ We shall start our journey by downloading the file using `wget <link>`. The down
 The `capture.pcap` file contained a total of 2317 packets. After checking the Protocol Hierarchy, I decided to use `UDP` as a display filter, and proceeded by following a random `UDP stream`.
 
 >[!question] PicoCTF Hint: What are streams?
->This confirms that we should pay more attention to the `streams` in [[WIreshark]].
+>This confirms that we should pay more attention to the `streams` in [[Wireshark]].
 
 ## Finding the flag
 

content/Useful Tools/Wireshark.md

@@ -0,0 +1,27 @@
+---
+tags: 
+Creation Date: 
+Last Date: 
+References: 
+draft: 
+modified: 2024-09-03T16:27:26+08:00
+---
+Wireshark is a network protocol analyzer, or an application that captures packets from a network connection, such as from your computer to your home office or the internet. Packet is the name given to a discrete unit of data in a typical Ethernet network (_What Is Wireshark and How to Use It | Cybersecurity | CompTIA_, n.d.).
+
+
+
+Wireshark is the most frequently-used packet sniffer in the world. Like any other packet sniffer,
+
+
+
+>[!important] Wireshark does three things:
+>1. **Packet Capture:** Wireshark listens to a network connection in real time and then grabs entire streams of traffic – quite possibly tens of thousands of packets at a time.
+>  
+>2. **Filtering:** Wireshark is capable of slicing and dicing all of this random live data using filters. By applying a filter, you can obtain just the information you need to see.
+>  
+>3.  **Visualization:** Wireshark, like any good packet sniffer, allows you to dive right into the very middle of a network packet. It also allows you to visualize entire conversations and network streams.
+
+
+#### References
+
+- _What Is Wireshark and How to Use It | Cybersecurity | CompTIA_. (n.d.). CompTIA. https://www.comptia.org/content/articles/what-is-wireshark-and-how-to-use-it