This is the repository for Network Forensics with Wireshark, published by Orange AVA™
In today’s digital world, Wireshark stands as the most powerful tool for uncovering what truly happens on a network.
Network Forensics with Wireshark will take you through a structured, hands-on journey — from grasping the basics of TCP/IP communication to advanced forensic analysis. Beginning with how data flows across networks, readers will learn to capture and interpret packets, identify anomalies, and analyze encrypted traffic through SSL/TLS decryption. As the book progresses, it dives into detecting malware behavior, tracing covert channel attacks, and understanding how attackers exploit vulnerabilities across evolving network architectures. Each concept is reinforced with practical exercises and real-world case studies, helping readers apply theory to investigation.
So, whether you are a student, network engineer, or cybersecurity professional, this book empowers you to analyze smarter, respond faster, and transform data into actionable security insight.
● Understand core network protocols and packet flow in depth.
● Capture, filter, and analyze traffic using Wireshark effectively.
● Identify anomalies, threats, and malware patterns in captures.
● Perform SSL decryption, and inspect encrypted traffic behavior.
● Reconstruct and analyze the complete cyber kill chain visually.
● Apply forensic techniques to detect and prevent network breaches.