Wireshark 100 – Analyzing Encrypted PCAPs with Wireshark Workshop


This course is for Networking, Government, and Security personnel who must develop packet investigation techniques to evaluate encrypted network traffic. Completing this workshop provides these individuals a pathway into the Network and Forensics Analysis field.


The realities of modern traffic analysis require interpreting encrypted network traffic correctly. A detailed knowledge of key protocols such as HTTP can provide valuable insights into what is happening in a suspect traffic capture. This workshop introduces techniques for evaluating encrypted traffic using open-source tools such as Wireshark, covering the following areas:

  • Specialized software configuration and new Wireshark profiles to make analysis faster
  • Encryption techniques, including SSL / TLS / WEP / WPA.x
  • Specialized encrypted traffic analysis techniques using Wireshark 4.x
  • Specialized filtering and analysis techniques, including data traffic reconstruction and viewing


The course uses real-world examples and numerous hands-on exercises to provide field-proven, practical analysis skills. Attendees receive a student guide, including numerous reference files, networking and forensics tools, and a library of reference documents.


1-day Classroom / Virtual Instruction

Start/End Times


Recommended Class Size