What Wireshark Does
It captures and analyzes packets traveling through a network.
Step 1: Install Wireshark
Download from the official website. Install Npcap during setup.
Step 2: Start packet capture
Select your active network interface:
- WiFi
- Ethernet
Step 3: Use Filters
Example filters:
- http
- dns
- tcp
- ip.addr == 192.168.1.1
Step 4: Analyze Packets
You can inspect:
- Source IP
- Destination IP
- Protocol
- Payload data
Step 5: Export packets
Save captured packets as a .pcap file.
This is useful for digital forensics and malware analysis.
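The following is an added example, not part of the original page: a minimal Python reader for the classic .pcap format saved in Step 5. It extracts the fields listed in Step 4 and mimics the ip.addr filter from Step 3. The function names and the capture returned by build_sample() are constructed for illustration, and only Ethernet/IPv4 captures are handled.

```python
import ipaddress
import struct
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IANA IP protocol numbers
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",  # microsecond timestamps
          b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">"}  # nanosecond timestamps

def parse_pcap(data):
    """Return one dict per IPv4-over-Ethernet packet in a classic .pcap byte string."""
    if len(data) < 24 or data[:4] not in MAGICS:
        raise ValueError("not a classic pcap file (pcapng uses a different layout)")
    endian = MAGICS[data[:4]]
    if struct.unpack_from(endian + "I", data, 20)[0] != 1:  # 1 = LINKTYPE_ETHERNET
        raise ValueError("only Ethernet captures are handled here")
    packets, offset = [], 24
    while offset + 16 <= len(data):
        _, _, incl_len, orig_len = struct.unpack_from(endian + "IIII", data, offset)
        frame = data[offset + 16:offset + 16 + incl_len]
        offset += 16 + incl_len
        if len(frame) < incl_len:
            break  # final record cut off mid-write
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # too short, or EtherType is not IPv4
        ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
        if ihl < 20 or len(frame) < 14 + ihl:
            continue  # malformed IPv4 header
        packets.append({
            "src": str(ipaddress.IPv4Address(frame[26:30])),
            "dst": str(ipaddress.IPv4Address(frame[30:34])),
            "protocol": PROTOCOLS.get(frame[23], str(frame[23])),
            "payload": frame[14 + ihl:],  # transport header plus data
            "truncated": incl_len < orig_len,  # capture kept less than was on the wire
        })
    return packets

def ip_addr(packets, addr):
    """Like the display filter ip.addr == addr: match source or destination."""
    return [p for p in packets if addr in (p["src"], p["dst"])]

def build_sample():
    """Constructed capture: one UDP packet from 192.168.1.10 to 192.168.1.1, port 53."""
    udp = struct.pack(">HHHH", 40000, 53, 12, 0) + b"test"
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 168, 1, 10]), bytes([192, 168, 1, 1]))
    frame = bytes(12) + b"\x08\x00" + ip + udp
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return header + struct.pack("<IIII", 1700000000, 0, len(frame), len(frame)) + frame

if __name__ == "__main__":
    print(parse_pcap(build_sample()))
```

Wireshark saves as pcapng by default, so pick the pcap format in the save dialog before feeding a file to this reader.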