NET‐215 Network Protocols Week One - Foren-Ken/tech-journal GitHub Wiki
Wireshark
Wireshark is a tool which captures and decodes the packets exchanged between the host and other hosts on the network. On a typical home or lab network, a capture will mostly be filled with ARP requests and data being sent between the router and the user's machine. It is very simple to use and works very well because it has dissectors for many different protocols, so each captured packet is broken down into its fields. It can also follow a conversation over time, reconstructing the sequence of packets in an exchange.
Statistics
The Statistics menu provides the ability to visualize, or to compute statistics on, the type of data, the amount of data, and the frequency of data sent over the wire and captured by Wireshark.
Capture File Properties
This feature allows the user to see several crucial items:
- The length of time the capture lasted (time of the first packet to time of the last)
- The hash of the capture file (Wireshark lists SHA256, RIPEMD160 and SHA1), which is what you record to show the evidence file has not been altered since capture
- The number of packets captured
- The average number of packets per second (pps)
- How many bytes of data were sent in the packets
I/O Graphs
This feature plots packets per second on the Y axis against time on the X axis. It helps visualize traffic over the course of the capture, for example to spot a burst of packets from a scan or a large transfer.
Right Clicking
Conversation Filter -> TCP
Right-clicking a packet and choosing this applies a display filter that shows only the packets of that TCP conversation (the same pair of addresses and ports, in both directions). That lets the user follow the timeline of one exchange between the client and the remote host, from the first TCP handshake packet to the final teardown, provided both were captured.
Analyze
Follow -> TCP Stream
This reassembles the payload of both directions of a TCP stream so the data that was sent, such as a web page, can be read as the application saw it. Use Save as... to write the stream out; if the content is suspected to be an HTML file, choose the Raw format so the bytes are not altered and save it with an .html extension.
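The following script is an added example, not part of the original wiki page, showing what the four features above compute: it builds a tiny pcap in memory (an ARP request followed by one HTTP exchange between the assumed hosts 10.0.0.2:40000 and 10.0.0.1:80), then reports the Capture File Properties figures, the packets-per-second series behind an I/O Graph, the packets selected by a TCP conversation filter, and the reassembled stream that Follow -> TCP Stream would show. The pcap layout, addresses, ports, MACs and HTTP content are all constructed for the example; the Wireshark menus it mirrors are real.

```python
"""Added example (not from the wiki page): recompute what Wireshark's Capture File
Properties, I/O Graph, Conversation Filter -> TCP and Follow -> TCP Stream show,
over a tiny pcap constructed below. Standard library only."""
import hashlib
import struct
from collections import defaultdict

ETH_IPV4, ETH_ARP, IP_TCP = 0x0800, 0x0806, 6
SYN, ACK, FIN = 0x02, 0x10, 0x01
MAC_A, MAC_B = b"\x00\x11\x22\x33\x44\x55", b"\x66\x77\x88\x99\xaa\xbb"  # assumed MACs

def _tcp_frame(src, sport, dst, dport, seq, ack, flags, payload=b""):
    """Ethernet/IPv4/TCP frame; checksums left zero since this is constructed data."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, IP_TCP, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return MAC_A + MAC_B + struct.pack("!H", ETH_IPV4) + ip + tcp

def _arp_frame():
    """ARP who-has broadcast: a non-TCP frame that is counted but not followed."""
    arp = struct.pack("!HHBBH", 1, ETH_IPV4, 6, 4, 1) + MAC_A + bytes([10, 0, 0, 2]) + b"\0" * 6 + bytes([10, 0, 0, 1])
    return b"\xff" * 6 + MAC_A + struct.pack("!H", ETH_ARP) + arp

def build_sample_pcap():
    """Constructed capture: ARP, then one HTTP exchange between assumed hosts 10.0.0.2:40000 and 10.0.0.1:80."""
    c, s = "10.0.0.2", "10.0.0.1"
    req = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    resp = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html><body>hi</body></html>"
    frames = [(0.00, _arp_frame()),
              (0.10, _tcp_frame(c, 40000, s, 80, 1000, 0, SYN)),
              (0.15, _tcp_frame(s, 80, c, 40000, 5000, 1001, SYN | ACK)),
              (0.20, _tcp_frame(c, 40000, s, 80, 1001, 5001, ACK)),
              (0.25, _tcp_frame(c, 40000, s, 80, 1001, 5001, ACK, req)),
              (1.30, _tcp_frame(s, 80, c, 40000, 5001, 1001 + len(req), ACK, resp)),
              (2.40, _tcp_frame(c, 40000, s, 80, 1001 + len(req), 5001 + len(resp), FIN | ACK)),
              (2.45, _tcp_frame(s, 80, c, 40000, 5001 + len(resp), 1002 + len(req), FIN | ACK))]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # global header, linktype 1 = Ethernet
    for ts, frame in frames:
        sec = int(ts)
        out += struct.pack("<IIII", sec, round((ts - sec) * 1e6), len(frame), len(frame)) + frame
    return out

def parse_pcap(data):
    """Return [(timestamp, frame_bytes)], honouring the byte order the magic number signals."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if order is None or struct.unpack(order + "IHHiIII", data[:24])[6] != 1:
        raise ValueError("expected a classic pcap with Ethernet link type (pcapng not handled)")
    off, records = 24, []
    while off + 16 <= len(data):
        sec, usec, incl, _orig = struct.unpack(order + "IIII", data[off:off + 16])
        records.append((sec + usec / 1e6, data[off + 16:off + 16 + incl]))
        off += 16 + incl
    return records

def capture_properties(data):
    """The figures Statistics -> Capture File Properties reports."""
    records = parse_pcap(data)
    duration = records[-1][0] - records[0][0]
    return {"packets": len(records), "bytes": sum(len(f) for _, f in records),
            "duration_s": round(duration, 6), "pps": round(len(records) / duration, 3) if duration else None,
            "sha256": hashlib.sha256(data).hexdigest()}  # the hash you record to prove the file is unaltered

def io_graph(records, interval=1.0):
    """Packet count per time bin: the series an I/O Graph plots against time."""
    start, bins = records[0][0], defaultdict(int)
    for ts, _ in records:
        bins[int((ts - start) // interval)] += 1
    return [bins[i] for i in range(max(bins) + 1)]

def decode_tcp(frame):
    """(src, sport, dst, dport, flags, payload) for Ethernet/IPv4/TCP frames, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != IP_TCP:
        return None
    ihl, total_len = (frame[14] & 0x0F) * 4, struct.unpack("!H", frame[16:18])[0]
    tcp = frame[14 + ihl:14 + total_len]  # bounded by IP total length, not by Ethernet padding
    sport, dport = struct.unpack("!HH", tcp[:4])
    src, dst = ".".join(map(str, frame[26:30])), ".".join(map(str, frame[30:34]))
    return src, sport, dst, dport, tcp[13], tcp[(tcp[12] >> 4) * 4:]

def tcp_conversations(records):
    """Group frames as Conversation Filter -> TCP does: same address/port pair, either direction."""
    convs = defaultdict(list)
    for idx, (_, frame) in enumerate(records):
        hdr = decode_tcp(frame)
        if hdr is not None:
            convs[tuple(sorted([hdr[0:2], hdr[2:4]]))].append(idx)
    return dict(convs)

def follow_tcp_stream(records, key):
    """Payload bytes per direction, as Follow -> TCP Stream shows them (frames assumed captured in order)."""
    streams = {key[0]: b"", key[1]: b""}
    for idx in tcp_conversations(records)[key]:
        src, sport, _, _, _, payload = decode_tcp(records[idx][1])
        streams[(src, sport)] += payload
    return streams

if __name__ == "__main__":
    pcap = build_sample_pcap()
    print(capture_properties(pcap), io_graph(parse_pcap(pcap)))
    print(follow_tcp_stream(parse_pcap(pcap), (("10.0.0.1", 80), ("10.0.0.2", 40000))))
```

The stream reassembly here simply concatenates payloads in capture order, which is enough for a clean capture but not for one with retransmissions or out-of-order segments; Wireshark orders by sequence number. On a real capture the same figures come from the command-line tools shipped with Wireshark: capinfos prints the duration, packet count, byte count, average packet rate and file hashes, and tshark can dump a stream, for example `tshark -r capture.pcap -q -z follow,tcp,ascii,0` for stream 0.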