WireShark – go deep! (HTTP Request Analysis)

Wireshark is a network protocol analyzer for Unix and Windows. I have only brushed the surface with this tool so far but it comes in handy when performing analysis on http requests between your machine and others on the network.

http://www.wireshark.org/

Before you start

• Wireshark captures every request so only click start when you are ready to capture and click stop when your finished
• You’ll need your IP address

Basic Instructions

1. Download, install, run
2. Click start to capture requests
3. Use the expression filter to find your requests, here are some common filters:
   1. ip.addr == 10.27.999.99 (for example)
   2. ip.dst == 10.27.999.99 (for example)
4. Find the request you want to analyse and Right click > Follow TCP Stream
5. This should bring up the request in full