PA Toolkit is a collection of traffic analysis plugins that extend the functionality of Wireshark from a micro-analysis tool and protocol dissector to a macro analyzer and threat hunter. PA Toolkit contains plugins (both dissectors and taps) covering various scenarios for multiple protocols, including:
- WiFi (WiFi network summary, detecting beacon and deauth floods, etc.)
- HTTP (listing all visited websites and downloaded files)
- HTTPS (listing all websites opened over HTTPS)
- ARP (MAC-IP table, detecting MAC spoofing and ARP poisoning)
- DNS (listing DNS servers used and DNS resolutions, detecting DNS tunnels)
The project is under active development and more plugins will be added in the near future.
This material was created while working on the “Traffic Analysis: TSHARK Unleashed” course. Those interested can check the course here: https://www.pentesteracademy.com/course?id=42
- Copy the “plugins” directory to the Wireshark plugins directory.
- Start Wireshark. 🙂
One can get the location of the Wireshark plugins directory by checking Help > About Wireshark > Folders.
List of websites visited over HTTP
Domain to IP mappings