11-07, 17:15–18:15 (Europe/Vienna), Palais Sachsen Coburg I-III
This talk covers using Pyshark for analyzing pcap files, focusing on accessing nested elements in network packets, particularly within Client Hello packets, including encryption suites and TLS versions. This presentation provides an updated guide on effectively using Pyshark, addressing the gaps in current documentation and offering practical insights. The session will cover the basics of loading pcap files, inspecting packet types and layers, and using commands to list packet layers and extract details. It includes a practical example of extracting offered encryption suites from Client Hello packets to ensure secure encryption methods. By applying Wireshark display filters in Pyshark, the talk demonstrates how to efficiently find needed packets. Key issues and solutions when using JSON and Python objects will be highlighted, helping avoid errors and process data smoothly. Learn to effectively access and use nested elements and specific data points with Pyshark.
Katherine is a tech professional with 18 months of experience, having retrained in her 40s to become a Computer Expert, specialising in System Integration. Originally from New Zealand, she is currently based in Germany. During her training, she undertook a practicum at SevenShift, a boutique IoT cybersecurity company in Cologne that recognised her talent and dedication, ultimately hiring her. She is now in a training position, where she is honing her skills and contributing to the company's security initiatives. Outside of her professional life, Katherine is a dedicated single mother to a teenager. She also plays bass guitar and provides backing vocals in a punk band, and if there's any time left over, you will find her on the netball court. She is also a member of the Haecksen, the FINTA branch of the CCC.