Lab 4.3: Wireshark HTTP/HTTPS Analysis

LAB - Eye House Tools

Analyze web traffic using Wireshark. Understand the visibility differences between HTTP and HTTPS, extract files, and identify web-based attacks.

HTTP (Port 80)

Plaintext - Full visibility into requests, responses, headers, body content

HTTPS (Port 443)

Encrypted - TLS handshake visible, content encrypted; use JA3 fingerprinting on the handshake
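What stays readable in HTTPS traffic is the ClientHello, and JA3 is an MD5 hash over five of its fields (version, cipher suites, extensions, supported groups, EC point formats). The following is an added example, not part of the original lab material: it parses a constructed ClientHello (`SAMPLE`; the function names are chosen here) and builds the JA3 string and hash, skipping GREASE values.

```python
import hashlib
import struct

def is_grease(v):
    # GREASE placeholders (RFC 8701): 0x0a0a, 0x1a1a, ... 0xfafa; JA3 ignores them
    return (v & 0x0f0f) == 0x0a0a and (v >> 8) == (v & 0xff)

def u16_list(buf):
    return [v for (v,) in struct.iter_unpack("!H", buf) if not is_grease(v)]

def ja3_string(record):
    """JA3 string from one TLS record that carries a complete ClientHello."""
    if record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a handshake record starting with a ClientHello")
    pos = 9                                   # record header (5) + handshake header (4)
    version = struct.unpack_from("!H", record, pos)[0]
    pos += 2 + 32                             # client_version + random
    pos += 1 + record[pos]                    # session_id
    n = struct.unpack_from("!H", record, pos)[0]
    ciphers = u16_list(record[pos + 2:pos + 2 + n])
    pos += 2 + n
    pos += 1 + record[pos]                    # compression methods
    exts, groups, formats = [], [], []
    if pos < len(record):                     # extensions block is optional
        end = pos + 2 + struct.unpack_from("!H", record, pos)[0]
        pos += 2
        while pos + 4 <= end:
            etype, elen = struct.unpack_from("!HH", record, pos)
            data = record[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if is_grease(etype):
                continue
            exts.append(etype)
            if etype == 10:                   # supported_groups: u16 length, u16 items
                groups = u16_list(data[2:])
            elif etype == 11:                 # ec_point_formats: u8 length, u8 items
                formats = list(data[1:])
    fields = [[version], ciphers, exts, groups, formats]
    return ",".join("-".join(map(str, f)) for f in fields)

def ja3_hash(record):
    return hashlib.md5(ja3_string(record).encode()).hexdigest()

# Constructed ClientHello (not captured traffic); GREASE values are mixed in
SAMPLE = bytes.fromhex(
    "160301004f" "0100004b" "0303" + "00" * 32 + "00"   # headers, version, random, sid
    "0008" "0a0a13011302c02f" "0100"                    # cipher suites, compression
    "001a" "1a1a0000" "000a000800062a2a001d0017"        # GREASE ext, supported_groups
    "000b00020100" "00230000")                          # ec_point_formats, session_ticket
```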

Lab Objectives

  • Analyze HTTP requests and responses
  • Extract files from HTTP traffic (Export Objects)
  • Identify TLS handshake patterns in HTTPS
  • Understand visibility limitations with encryption
  • Detect web-based attack indicators (SQLi, XSS)