16: Analyzing capture files in Python with PyShark

The title of this class is: "Analyzing capture files in Python with PyShark" and was taught by Dor Green. This was recorded on July 13th in Kansas City, MO. Subscribe to our channel for tons of free Wireshark educational content. To attend a live SharkFest and to learn Wireshark with packet analysis experts, visit: sharkfest.wireshark.org/ and sharkfesteurope.wireshark.org/. SharkFest™, launched in 2008, is a series of annual educational conferences staged in various parts of the globe and focused on sharing knowledge, experience and best practices among the Wireshark® developer and user communities. SharkFest attendees hone their skills in the art of packet analysis by attending lecture and lab-based sessions delivered by the most seasoned experts in the industry. Wireshark core code contributors also gather during the conference days to enrich and evolve the tool to maintain its relevance in ensuring the productivity of modern networks. SharkFest’s aim is to support ongoing Wireshark development, to educate and inspire current and future generations of computer science and IT professionals responsible for managing, troubleshooting, diagnosing and securing legacy and modern networks, and to encourage widespread use of the free analysis tool. Per Gerald Combs, Wireshark project Founder …“Wireshark is a tool and a community. My job is to support both." twitter.com/wiresharkfest Chapters: 0:00 Intro 0:48 Packet Parsing in Python 2:35 Pyshark uses Wireshark 3:23 Let's get started/read our capture 6:15 Getting an overview 8:09 Accessing Fields 9:19 I want my HTTP fields! 10:40 Getting user agents from a PCAP 12:19 More field actions 13:51 Accessing various field values 15:50 Duplicate fields + Accessing them 21:07 JSON/EK parsing 25:55 More efficient packet analysis techniques 28:59 Other capture types 33:00 Integrating Pyshark into exisiting applications 34:39 Conclusion + Q&A

• #education
• #sharkfest
• #pyshark
• #python
• #wireshark