Best Wireshark Courses

Find the best online Wireshark Courses for you. The courses are sorted based on popularity and user ratings. We do not allow paid placements in any of our rankings. We also have a separate page listing only the Free Wireshark Courses.

Wireshark tutorial in 60 minutes – video course

Wireshark tutorial - learn one of the most important tool every programmer and network admin should know.

Created by Grzegorz Aksamit - Entrepreneur, CTO, more than 15 years of experience in IT. Startup co-founder, hackerone community member.


Students: 950, Price: $19.99

Students: 950, Price:  Paid

Wireshark is the most powerful network analysis tool every coder should know. After you learn it it'll become one of the most important application in your toolbox.

If you are ...

  • experienced coder / programmer
  • ... or just learning programming
  • network administrator
  • linux enthusiast
  • interested in security and hacking

... this is the course for you!

I have more than 15 years of experience in programming and reverse engineering and I know how much harder my life would be without tool like Wireshark. That's why I've made this course. If I had such edu resources available when I was learning I could leapfrog to the next level and save a lot of time spent on trial and error.

The course is 19 lectures, 60 min of video content in total. It's pure knowledge, straight to the point, stripped of all unimportant crap.

Students so far rate it at 5 out of 5 stars. I'm confident you will not regret the one hour time investment in this course.

Here's what other students said about this course so far:

  • Elena Seranova ★★★★★: Impressed! This course def. helped me learn a lot about Wireshark!

  • Manuel Kraus ★★★★★: Wireshark is a great tool to analyze and manage your network and this course offers a solid, well-delivered introduction.

  • Yin Yin ★★★★★: Great intro to Wireshark! Good reference for Wireshark and great for new comers. A must have for anyone who really wants to get the most from Wireshark.

  • Mitch Stevens ★★★★★: Very too the point and helpful. The instructor has great knowledge of the course material and does a great job conveying that to the students.

  • Silviu Marisca ★★★★★: This course is brilliant and I truly recommend it

You can read more excellent reviews like that on the bottom of this page.

During this tutorial you'll learn how to use Wireshark sniffer to capture network traffic and then analyse it.

This is beginners course so I'll cover network related terms like TCP and network infrastructure basics.

You will learn how to install and run Wireshark on Windows, Mac OSX and Linux - console only systems.

I'll teach you how to capture network traffic, use capture filters and what is the promiscuous mode. I will also show you how to capture network traffic on remote unix system using command line tool: tshark.

Then, you'll learn captured packets analysis. I will teach you how to use and customize the main Wireshark window, what are dissectors and how are they related to display filters.

You will learn some advanced techniques like extracting files from captured network streams and separating one specific connection from the pcap file.

During the course I will provide you with a lot of external resources where you can learn more about Wireshark and network security in general.

At the very end, as a bonus session, I will show you practical example of capturing a password sent over HTTP connection.

CCNA Cyber Ops Tools: Sec Onion, Wireshark, and Kali Linux

Build home labs for the Cisco CyberOps Associate Exam CBROPS 200-201 using Security Onion, Sguil, ELSA, Metasploit, Nmap

Created by Bassam Alkaff • Remote Author @ INE - Remote Author @ INE & Cisco Instructor, CCDP, CCNPx3, VCP


Students: 625, Price: $59.99

Students: 625, Price:  Paid

***** Very Similar to my INE Course *****

It is estimated that there will be about 1.5 million unfilled jobs in cyber security by the year 2020. A more recent statistic increased this number for cyber security unfilled jobs to be 3.5 million by the year 2021. In addition, recent article highlights Cisco Systems intention to become a cyber security force. For these reasons, Cisco created the CCNA Cyber Ops certification, which can become one of the most certifications in demand in the near future. Furthermore, Cisco created a scholarship program for this certification, which emphasis its importance. 

In this course you will learn about the tools that you can use for your study of the CCNA Cyber Ops certification and the current Cisco CyberOps Associate certification. Learning the theory side is important, but the hands on side is more important, since the main purpose of your study is to apply your knowledge in production, and since your hands on will enforce your theory knowledge. You can not teach someone how to drive a car by showing him or her how to do it, but you have to let him try and practice how to do that. Furthermore, showing you hands on labs and how to use tools without teaching you how to create these labs and install these tools, might not give you the ultimate benefit from your study . For this reason, I have created this course to teach you how to create your own home labs, and to understand the core usage and important features of the tools used in them. I believe in the saying: "Give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime". If you have access to online labs, such as that offered by Cisco through their scholarship, you still need to know how to create your own home labs to continue practicing and experimenting, which is what this course will help you to achieveOn the other hand, this course will prepare you to go through these online labs quickly, and with confidence, since you will be familiar with the tools used in them.  And not just online labs, but any other hands on Cyber Ops courses, like what I intend to publish in the near future.

This course will teach you how to use the following tools:

  1. Security Onion (Including VM installation, working with PCAP files, ELSA, Sguil. Squert, and Kibana).

  2. Wireshark.

  3. Kali Linux.

  4. Metasploit.

  5. Nmap.

  6. VirtualBox.

  7. GNS3.

This course includes several practical assignments and a practice test, in order to asses your understanding of the material included. I strongly recommend that you try the assignments and answer the question included in them, after trying solving the task practically, or even after watching the solution video. Each assignment will give you thorough and comprehensive understanding of the related topic.

I hope that you will join me in this course and start your Cyber security journey. Happy learning!

4G LTE EPC – Advanced Troubleshooting using Wireshark

Become an industry leading expert at troubleshooting EPC LTE call flows by analyzing captures using wireshark

Created by Suryabh S - Network Engineer


Students: 471, Price: $49.99

Students: 471, Price:  Paid

Ask your self -

  • Are you a LTE engineer who is looking to take their understanding of LTE EPC to the next level ?

  • Do you want to become an expert at identifying and resolving issues ?

  • Do you want to learn how to use Wireshark (industry leading tool for network analysis) for analyzing LTE call flows ?

  • Do you want to learn by analyzing traces and network captures from real networks ?

  • Do you want to ace your LTE interviews by answering trick questions ?

If yes, then this course is for you. This course will cover all practical aspects of EPC troubleshooting by analyzing captures from real networks. Unlike other courses and books that offer theoretical background this course relies on real world examples.  We will go through all concepts related to LTE EPC and offer tricks/tips for identifying and resolving network issues. After taking this course you will become an expert at LTE debugging.

Course Objectives -

  • Provide solid foundation to troubleshoot real network problems by introducing all necessary concepts.

  • Analyze practical call flows for the following scenarios/Interfaces -

    • Enodeb - MME - S1AP (S1 setup, Heartbeat, enb configuration update etc.)

    • LTE attach/detach (combined/PS only)

    • SGs for CSFB (MT/MO voice and SMS)

    • Default Bearer Creation (S11, S5-C)

    • Authentication (S6a), Cancel Location Update procedure.

    • Role of Diameter Routing Agent in LTE

    • DNS in LTE EPC SGW and PGW selection

  • Provide tips and tricks for troubleshooting problems in LTE EPC by looking a real network traces using wireshark.

  • Make you a power user of Wireshark for debugging LTE issues

  • Understand all the key parameters and failures using real-network traces

Follow Me to Learn Wireshark Packet Capture

Follow Me to learn this incredible tool as we learn how to capture and analyze data packets.

Created by Andrew Walding - Researcher, Author, Instructor, Consultant


Students: 107, Price: $19.99

Students: 107, Price:  Paid

No slides, just follow me as we learn a solid foundation of how to use and leverage key features of Wireshark for packet capture and packet analysis.  This course will cover all the fundamentals of Wireshark, setting a solid foundation for baselining and troubleshooting packet networks.   Taught in the "follow me" modality, this course is basically one big set of hands on labs, one after another, that the student uses to build a solid usable skill set.

The Ultimate Wireshark Course

For Blue Teams, Incident Responders and SOC Analysts

Created by Vonnie Hudson - Ethical Hacker and Teacher


Students: 106, Price: $99.99

Students: 106, Price:  Paid

All New For SpringSummer 2021!

This is the course I wish I had when I was learning about how computer networks work!

You're going to not only learn how to MASTER Wireshark but also gain a deep understanding of computer networks so you can troubleshoot common networking issues and rapidly respond to cybersecurity breaches when a computer gets hacked!

This is the perfect course for anyone who wants to gain true mastery over Wireshark, finally understand how networks work, how to diagnose common network related issues and respond to advanced threat actors who may be in your network. We'll cover some pretty advanced attacks hackers are using to breach organizations and I'll show you how you can use Wireshark, Brim, Suricata, Bro/Zeek and more to bolster your security and keep the bad guys out!

This is a hands on course. It also includes packet captures files you can load into Wireshark and immediately start learning. As always if you have any questions just hit me up on my email address and I’ll be sure to respond (or leave a comment and I’ll jump in and answer your questions!)

We will also be setting up everything in a private local lab so you have complete freedom to experiment and learn.

It's going to be a lot of fun! Let's go! Right! Now!


Learn Wireshark From Scratch – Quick and Easy Guide

A Tool that can easy your packet analysis job..!

Created by Joby Joseph - Test Automation Architect


Students: 89, Price: $79.99

Students: 89, Price:  Paid

Wireshark is the most powerful network analysis tool every technical person should know. After you learn it it'll become one of the most inevitable tool in your collections.

If you are ..

  • experienced coder / programmer
  • new programmer
  • network administrator
  • linux enthusiast
  • interested in security and hacking

... this course is for you.

We will take static capture files that you will be provided and show you how to analyze them within the Wireshark tool. You will learn ways to quickly identify anything that is abnormal within a network packet capture. This will provide you with the initial skills for start using wireshark for protocol analysis.

-The course prepares the student for understanding network protocol analysis -After the course you will have the initial skills for packet analysis.

- This course is for beginners or people interested in learning protocol analysis and don't where to start.

Packet Capture Analysis – What You Really Need To Know

Solve Network Based Problems Using Wireshark

Created by Adam Streeter - Network Guy


Students: 76, Price: $39.99

Students: 76, Price:  Paid

Learn how to use Wireshark and packet capture analysis to solve performance and connectivity problems.  This course is not bloated with every possible menu item and repetitive examples.  I will show you the key features and techniques that I have used routinely to solve hundreds of problems.

You will solidify your knowledge through quizzes and practice assignments using real-world packet captures.

This course assumes a basic IT familiarity (e.g., entry level technician) and no prior experience with Wireshark or packet capture analysis.

Network Analysis Using Wireshark 3

Learn to work with the most popular network analysis tool!

Created by Packt Publishing - Tech Knowledge in Motion


Students: 40, Price: $89.99

Students: 40, Price:  Paid

Wireshark is an open-source network protocol analyzer. It is the world's leading packet analyzer when it comes to analysis, troubleshooting, development, and other security-related tasks.

Wireshark 3 comes with interesting features designed to make things easier and smoother for developers, sysadmins, and security analysts. This practical and hands-on course will be your perfect guide and will help you gain real-world practical knowledge about network analysis with Wireshark 3.

You will begin with a quick introduction to Wireshark, network protocols, and OSI layers. Then learn to understand how Wireshark works and its important functionalities. You will master dedicated Wireshark tools such as capture tools, tracing tools, traffic generators, and more. Then become familiar with the new features that Wireshark 3 has to offer, how they differ from previous ones, and how they can benefit you as a user.

In a step-by-step manner you'll learn how to analyze your network, through clear examples and hands-on activities. Specifically, you will learn how to analyze data, identify glitches, capture web traffic, and will cover topics such as packet analysis, IP filtering, and protocol filters.

You will also learn how to secure your network with Wireshark 3 and how to use its command-line tools effectively. Finally, cover techniques that will help you troubleshoot your communications network.

By the end of the course, you will feel confident about using Wireshark 3 for your day-to-day network analysis tasks.

About the Author

Mohamad Mahjoub is a prolific writer and a Cyber Security Expert with over 15 years' experience, including more than 5 years working with Wireshark. He is a licensed and certified CISSP, ISO Risk Manager, CISA, PMP, and ITIL.

He obtained his Master's Degree in Computer Science from the Lebanese American University, where he graduated magna cum laude.

Mohamad's accomplishments and research acumen drive him and are rooted in his professionalism. He is qualified to offer first-hand professional cyber security services to individuals and companies. Since 2012, Mohamad has delivered many IT courses to fresh graduates, IT professionals, senior and executive management, and business owners, all on top of his online multilingual cyber security courses with more than 30,000 students enrolled worldwide.

Currently, Mohamad works as CISO for a French multinational company, where he is responsible for the security of IT and OT operations throughout the Middle East.

Follow Me to learn Wi-Fi Packet Capture using Wireshark

Troubleshooting WLAN/Wi-Fi Packets

Created by Andrew Walding - Researcher, Author, Instructor, Consultant


Students: 24, Price: $19.99

Students: 24, Price:  Paid

Follow me as I show you how to properly capture WLAN/Wi-Fi traffic on Windows, MAC OSX, or (Debisan) Linux machines using Wireshark.  This is not as easy as it appears, and this course will break down the challenge as well as arm you with what you need to both capture and start analyzing WLAN/Wi-Fi traffic.

Network Protocol Analysis Using Wireshark Part-2

You will effectively be able to use Wireshark and troubleshoot networks with a understanding on how protocols work !

Created by Vinod Senthil - Cyber Security Expert


Students: 24, Price: $19.99

Students: 24, Price:  Paid

If you did plan to start your career in Information Security, Network Protocol Analysis is a crucial skill that has to be acquired. In this course, we will cover the following,

  • Built display filter expressions, this helps us to filter packets of our interest. This portion helps you to familiarize yourself with Wireshark's Display filter language.

  • In the TCP based protocols, we can see the data from the TCP stream. In this course, you will learn to follow a TCP stream, reconstruct a TCP Stream, and recover an unsecured username and password from Trace.

  • While investigating any suspicious activity, it is very important to export objects from a PCAP file. This course covers exporting objects from HTTP traffic and reconstruct the browsed images.

  • ·You might have to create a profile in Wireshark, which helps us in saving significant time to audit/troubleshoot the network.

  • TCP three-way Handshake Analysis helps you to identify and analyze the initial three-way handshake.

  • Decoding the ICMP packet to understand the Double Deaded ICMP Packet Analysis.

  • Create an I/O graph to plot the packet data and protocols in visual representation.

  • A conversation is a traffic between two IP addresses. We cover to extract and Save a single subnet conversation.

  • Understanding the Zero Window Condition and Windows Update process.

Wireshark WCNA Practice Exams (200 Questions)

Prepare for the Wireshark Certified Network Analyst Exam

Created by Paul Browning - Cisco Engineer and Internet Entrepreneur


Students: 11, Price: $29.99

Students: 11, Price:  Paid

Wireshark is the go to tool for every network engineer, security professional and wireless engineer. It can be used to:

  • Baseline network performance

  • Detect protocol issues

  • Find the cause of performance issues

  • Conduct network forensics

  • Analyze suspect traffic

  • Troubleshoot DHCP, DNS, HTTP, IPv6 etc.

Every IT professional should be able to use Wireshark. Passing the exam will give you a deep understanding of TCP, IPv6, wireless, voice, network performance and much more. This knowledge will prove invaluable for exams such as the CompTIA Network+ and Security+, Cisco CCNA and CCNP, Ethical Hacking and Penetration Testing and any network support role.

The four practice exams will prepare you for the real thing as every syllabus topic is covered multiple times.

  1. Exam 1 (50 questions)

  2. Exam 2 (50 questions)

  3. Exam 3 (50 questions)

  4. Exam 4 (50 questions)

The WCNA exam costs $299 to sit and the average first time pass rates are well under 50%. For this reason you must prepare by using a quality study guide, doing hands-on labs and taking a lot of practice exams. This is where we come in. You need to getting 95% or higher in EVERY exam before you take the real one.

Please ensure you spend around 50 hours testing all of the features of Wireshark before attempting the exam. Use the practice exams as both a study tool and a exam readiness checker.

Using Wireshark to Understand the Zigbee Network Layer

Internet of Things

Created by Dr. Avril Salter - Principal Network Architect


Students: 10, Price: $34.99

Students: 10, Price:  Paid

Zigbee is the dominant protocol being used in sensor networks in our homes and enterprise organizations. If you are working in the Internet of Things (IoT) space, then you need to have an understanding of what Zigbee is and how it works.

The best way to get an in depth understanding of network protocols, such as Zigbee, without spending hours reading technical books and specifications, is to actually look at the traffic that is traversing the network. 

In this course you will download and look at Zigbee packet captures in the open source packet capture tool called WiresharkTM. No prior working knowledge of Wireshark is required.

The video is a just over hour long. However, it is recommended that you allow 2 hours to take this course, so that you may follow along with the Wireshark analysis.

Indicators of attacks by using Wireshark

learn how to find the indicators of attacks in Wireshark

Created by Ali N F - Ottawa Tech Academy


Students: 6, Price: $89.99

Students: 6, Price:  Paid

This course will teach the students how to find indicators of different kind of attacks in Wireshark. 

for example, students will learn how to find indicators of different types of nmap scanning (TCP scan, Null scan , stealth scan, fin scan and hping3 scan).

Also, students will learn how they can tell there is an attack going on by reading the traffic and find indicators of the the attack.

examples of attacks and their indicators in Wireshark  are :

   Indicators of SYN FLOODING ATTACK

Indicators of Mac flooding attack

Indicators of ICMP flooding attack

Indicators of land attack

Indicators of Smurf attack

Indicators of Ping of death attack

Indicators ARP poisoning attack

Indicators of DNS spoofing attack

  Indicators of FTP Cracking

Indicators of SQL injection attack

Indicators XSS attack

Sniffing in wireshark

This course will teach the students how to find indicators of different kind of attacks in Wireshark. 

for example, students will learn how to find indicators of different types of nmap scanning (TCP scan, Null scan , stealth scan, fin scan and hping3 scan).

Also, students will learn how they can tell there is an attack going on by reading the traffic and find indicators of the the attack.

examples of attacks and their indicators in Wireshark  are :

   Indicators of SYN FLOODING ATTACK

Indicators of Mac flooding attack

Indicators of ICMP flooding attack

Indicators of land attack

Indicators of Smurf attack

Indicators of Ping of death attack

Indicators ARP poisoning attack

Indicators of DNS spoofing attack

  Indicators of FTP Cracking

Indicators of SQL injection attack

Indicators XSS attack

Sniffing in wireshark