Published 1 month ago by Hemant Upadhyay

Wireshark Lab

Wireshark Introduction and Traffic Analysis

In this lab, I demonstrate how to capture, analyze, and decrypt network traffic using Wireshark, one of the most powerful open-source packet inspection tools used in cybersecurity and network forensics.

The session covers:
• Capturing live packets on a Linux host and understanding real-time traffic flow
• Running Nmap host discovery and analyzing ICMP echo requests and replies
• Saving packet captures for forensic analysis in .pcapng format
• Understanding and visualizing encrypted web traffic (TLS 1.2 / TLS 1.3)
• Configuring and applying an SSL key log file to decrypt HTTPS sessions
• Comparing TLS versions and explaining why TLS 1.1 is deprecated
• Viewing decrypted HTTP/2 and HTTP/3 traffic after successful key application

This lab is part of a broader cybersecurity series exploring network reconnaissance, encryption, and secure communication analysis — bridging practical tools like Nmap and Wireshark with modern encryption standards.

Tools Used:
– Wireshark
– Nmap
– Chromium Browser
– Linux Terminal (Kali / Ubuntu)
– PCAPNG File Format

Key Concepts:
– Network Packet Capture
– Traffic Filtering and Analysis
– TLS 1.2 / TLS 1.3 Decryption
– SSL Key Log File Usage
– HTTPS Session Inspection
– Ethical Network Forensics

#Wireshark #NetworkAnalysis #CyberSecurity #NetworkForensics #TLS #HTTPS #Encryption #Decryption #Nmap #Linux #EthicalHacking #CyberRange #WiresharkLab #CyberDefense #KaliLinux
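
Decryption with an SSL key log file only works for sessions whose secrets were actually written to the file, so it helps to audit the file before loading it into Wireshark. The following is an added example, not code from the lab: it parses the NSS key log format that browsers write when `SSLKEYLOGFILE` is set and reports, per client random, whether the entry is a TLS 1.2 master secret or a complete set of TLS 1.3 secrets. The function name `audit_keylog`, the status strings, and the sample data are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Labels from the NSS key log format written via SSLKEYLOGFILE.
TLS13_NEEDED = {
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
    "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0",
}
# <label> <32-byte client random in hex> <secret in hex>
LINE_RE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]{64}) ((?:[0-9a-fA-F]{2})+)$")

def audit_keylog(text):
    """Return ({client_random: status}, [malformed line numbers])."""
    labels_by_session, malformed = defaultdict(set), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments are allowed
        m = LINE_RE.match(line)
        # A TLS 1.2 master secret is always 48 bytes (96 hex characters).
        if not m or (m.group(1) == "CLIENT_RANDOM" and len(m.group(3)) != 96):
            malformed.append(lineno)
            continue
        labels_by_session[m.group(2).lower()].add(m.group(1))
    report = {}
    for client_random, labels in labels_by_session.items():
        if "CLIENT_RANDOM" in labels:
            report[client_random] = "tls1.2: master secret present"
        elif TLS13_NEEDED <= labels:
            report[client_random] = "tls1.3: complete"
        else:
            missing = ", ".join(sorted(TLS13_NEEDED - labels))
            report[client_random] = "tls1.3: incomplete, missing " + missing
    return report, malformed

# Constructed sample with filler bytes, not real key material.
SAMPLE = "\n".join([
    "# constructed sample",
    f"CLIENT_RANDOM {'11' * 32} {'aa' * 48}",
    *(f"{label} {'22' * 32} {'bb' * 32}" for label in sorted(TLS13_NEEDED)),
    f"CLIENT_HANDSHAKE_TRAFFIC_SECRET {'33' * 32} {'cc' * 48}",
    f"CLIENT_RANDOM {'44' * 32} {'dd' * 16}",
])

if __name__ == "__main__":
    report, malformed = audit_keylog(SAMPLE)
    for client_random, status in report.items():
        print(client_random[:16], status)
    print("malformed lines:", malformed)
```

A key log file holds the session secrets for every connection it recorded, so it should be stored and shared with the same care as the capture it decrypts.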