Network & Wi-Fi
Practice packet capture + analysis, safe MITM demos, WPA/WPA2 workflows, and network mapping. Everything runs in sandboxes or capture files built for learning.
What you’ll cover
- Packet capture & reading flows (PCAP basics)
- MITM demonstrations (ARP spoofing concepts, TLS caveats)
- Wi-Fi security: WPA/WPA2-PSK handshake flow & pitfalls
- Network discovery & mapping safely
Discovery & Mapping
Scope & permission docs first • Rate-limited scans • Safe banners only • Document subnets, gateways, services
Safety first
Use only provided lab files/targets. Never capture, probe, or interfere with networks you don’t own or have written permission to test.
Tip: pair this path with the Phish Detector to analyze suspicious links in emails captured in lab PCAPs.
Hands-on Labs
Follow the TCP Stream Easy
Use a PCAP to reconstruct a simple HTTP conversation and extract the hint.
ARP Spoof Demo Medium
Understand MITM via ARP, see what’s visible with/without TLS (demo only).
WPA/WPA2 Handshake Walkthrough Medium
Analyze a provided capture to identify the 4-way handshake and discuss defenses.
Safe Network Mapping Hard
Design a discovery plan for an internal lab, respecting rate-limits & scope.
Cheat-sheets
PCAP Reading
- Filter basics:
ip,tcp,udp,dns - Wireshark: “Follow TCP Stream”,
http.host,tls.handshake - Reconstruct flows; sanitize captures before sharing
MITM Concepts
- ARP spoofing in switched LANs (demo scope only)
- TLS salvages privacy; watch out for downgrade tricks
- Defenses: static ARP, DHCP snooping, NAC, HSTS
Wi-Fi Security
- 4-way handshake anatomy; PMK/PTK overview
- Strong passphrases; disable WPS; prefer WPA2/WPA3
- Guest VLANs; isolate IoT segments
Discovery & Mapping
- Scope & permission docs first
- Rate-limited scans; safe banners only
- Document subnets, gateways, services