Skip to main contentSkip to main content
Room Banner
Back to all walkthroughs
Room Icon

TShark: The Basics

Premium room

Learn the basics of TShark and take your protocol and PCAP analysis skills a step further.

easy

120 min

19,638

User profile photo.

To access material, start machines and answer questions login.

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting the Target Machine, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Lab machine
Status:Off

TShark is an open-source command-line network traffic analyser. It is created by the Wireshark developers and has most of the features of Wireshark. It is commonly used as a command-line version of Wireshark. However, it can also be used like tcpdump. Therefore it is preferred for comprehensive packet assessments.

Learning Objectives

  • Filtering the traffic with TShark
  • Implementing Wireshark filters in TShark
  • Expanding and automating packet filtering with TShark

We have prepared a with TShark and the necessary files. You can start the machine by pressing the green Start Lab Machine button attached to this task. The machine will start in split view. In case it is not opening the split view, you can press the blue Show Split View button at the top of the page.

We suggest completing the Network Fundamentals and Wireshark modules before starting this room. 

Answer the questions below
Read the task above and start the attached VM.