This is a guest blog by Peter Kiesberg and Sebastian Schrittwieser for their training, Wireshark Scripting with Lua
Learn, how to script Wireshark to better suit your needs, as well as save on costs by letting Wireshark automatize many of your daily analytical tasks!
In this highly interactive training at TROOPERS you will learn how to write your own protocol dissectors to support new protocols unknown to the standard Wireshark, as well as create your own analysis mechanisms for gathering more details on known protocols. Use Wireshark as a tool for post-processing and data analytics, as well as for triggering alarms based on traffic patterns. With the integration of the highly versatile Lua scripting language into Wireshark, it is possible to tailor the capabilities of Wireshark right for you special requirements. In this two-days training you will learn how to customize Wireshark starting from scratch with an in-depth introduction to Lua over writing simple dissectors for unknown protocols to setting up customized network analysis scenarios.
Topics of the training:
- Introduction to the Lua scripting language and the Lua-API in Wireshark
- Write your own protocol dissectors for protocol reverse engineering, support of uncommon protocols, etc.
- Extend existing protocol dissectors for a more detailed view on a network protocol
- Create listeners to trigger events based on traffic patterns
- Create your own UI elements (menu, windows, preferences) within Wireshark, File I/O
- Application of Lua scripting for automated analysis and post-processing tasks
Requirements: A basic understanding for common network protocols; Basic Wireshark-knowledge is beneficial; Laptop with Wireshark installed and administrative privileges (optionally we provide the training environment on a bootable USB thumb drive)