HTTPS Decryption with Wireshark // Website TLS Decryption

Bring Chris back! We need this deep dive into TCP

NOTE: Jump to 24:17 if you are only interested in the Wireshark capture and SSL decryption technical explanation. You can also follow along by downloading the Wireshark pcap using the link below.
Next part of the video is now available here: ua-cam.com/video/yodDbgoCnLM/v-deo.html
Learn how to decrypt TLS / HTTPS traffic using Wireshark.
// MENU //
0:00 ▶ Is it important to learn Wireshark
2:19 ▶ Will you get a better job?
3:16 ▶ Welcome Chris
3:40 ▶ Defcon presentation
5:44 ▶ Why TLS decryption
7:20 ▶ Wireshark capture
8:26 ▶ What is SSL and TLS
9:44 ▶ How do you get the capture (Man in the middle)
11:03 ▶ Key exports for Wireshark
13:56 ▶ Which keys are stored in the keylog
15:55 ▶ Client and server key generation
18:10 ▶ Process - keys and wireshark
21:00 ▶ Wireshark capture explained
24:17 ▶ TLS negotiation and Wireshark details
29:04 ▶ How to import the keys into Wireshark
// LINKS //
PCAP file: davidbombal.wiki/ssldecryptionpcap
How to Decrypt SSL with Wireshark - HTTPS Decryption Guide: davidbombal.wiki/sslwireshark
Man in the middle Python script: ua-cam.com/video/O1jpck31Ask/v-deo.html
Chris TLS decryption: ua-cam.com/video/5qecyZHL-GU/v-deo.html
Intro to Wireshark: ua-cam.com/video/OU-A2EmVrKQ/v-deo.html
// SOCIAL //
Discord: discord.com/invite/usKSyzb
Twitter: twitter.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
UA-cam: ua-cam.com/users/davidbombal
//CHRIS GREER //
Udemy course: davidbombal.wiki/chriswireshark
LinkedIn: www.linkedin.com/in/cgreer/
UA-cam: ua-cam.com/users/ChrisGreer
Twitter: twitter.com/packetpioneer
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Dear David and Chris,
Yes, more, please.
Extremely helpful content. It's one thing to read the book. It's another to hear a conversation between experts.
I would love to hear about the fine details like WS, MSS, and SACK PERM.
The hacking videos are always appreciated.
But the long conversations about fundamental technologies like TCP help me with everyday troubleshooting.

This Deep Dive series about networking stuff is literally gold, it's so helpful, you can't find lots of these tutorials with this quality, thanks to David & Chris, I'd love to watch more of this series.

Thank you David for the great opportunity you have created for those who want to learn, those you have help choose the right track, especially us here in Nigeria where you have to pay right from your nose to get what you want and sometimes with much payment still not getting the value for money paid. I have been personally blessed with your free trainings and coaching...

Man bringing in pros from different areas of IT to give their share of knowledge in bite size pieces videos is absolutely awesome!

We need more of these cross over sessions, Chris is awesome when it comes to Wireshark.

Thank you David for giving us other people to learn from, they are always interesting.

Impressive, it has been a long time since I saw a person explain a topic so brilliantly !!! ... I am speechless, I look forward to more, more and more videos !!! ... Thank you very much David for bringing us to this incredible person

I got my first network engineer position offered, largely because of my knowledge of TLS… (because of this video)…. Has he ever came back for a tcp deep dive. This content is so good! Forever grateful for your channel!

This does not only go for this video but for all your videos: You produce motivational and very helpful content for people who want to start in the IT industry. As for me personally I can say that your videos helped me tremendously in getting a job in a big IT company without a degree in Computer Science. Always happy to see new content from you. I'm sure I am not the only person who you have helped. So thank you very much :)

Definitely need to bring Chris back for some more wireshark!! This stuff can be hard to grasp and its nice to have it explained clearly by the two of you. Thanks and keep up the great work!

It astounds me how many IT people don't even consider looking at packets as part of troubleshooting. It makes it so quick to narrow down issues most of the time, especially with machines talking over a network. And yeah it usually just requires knowing what the normal traffic looks like to get some sort of insight into an issue, even when it's not specifically network related.
When it comes to troubleshooting it kind of reminds me of the difference between a theoretical physicist and a experimentalist. One says this is how something should work, or what's most likely the issue, and the one who looks at the packets is like the experimentalist seeing what's actually happening.

wow David - thank you so much for interviewing him. I was thinking about how to decrypt encrypted HTTPS traffic over a long period of time. Now the pieces are coming together with a detailed TLS explanation and how to capture the key pairs. I am hyped for the next session. Once again, thank you for asking these questions even if you know the answer. Really helpful.

Didn't know David was connected to all these awesome Packet Heads that are ready to shred some TCP (TLS, HTTP2, etc) with Wireshark. 😃 Great to meet you all!

Wow I absolutely knew nothing about Wireshark and now i feel much more confident using it now to understand packets. Thank you so much! Please do more videos :)

Great Video David, as always. Chris's explanations are also clear as crystal
Frustration came at the end of the video when it suddenly stops.
can't wait for the next episode !
tcp windows demystified would very much interest me
cheerio

Once again David Bombal delivers a HOT topic. I'm re-learning networking after a decade 'absence' as a Software Troubleshooter--mostly because I turned 58 and decided to do the things I should have done years ago, rather than run down the Microsoft Rabbit hole. I'm going back to what first drew me into IT...networking. Currently working on my CCNA--will be taking the test in February.
Looking forward to Part 2! and future conversations with Chris!

OMG, I just discovered Chris's channel a few days ago...and here he is!

This is your most informative interview, yet. This interview makes the other seem like a bunch of dudes just beating their chests about their ego. Please continue this format. Thank you, Sir Bombal.

Man its crazy i was just rewatching Chris' Wireshark presentation at Shark Fest. Such a standup guy. Good content

love this collab.. it would be awesome to see more content from both of you guys in a single video like this
I've been a fan of Chris for a while now and he has been a godsend when it comes to learning wireshark
videos that go into detail and examine things in detail in practical examples are really helpful for learning
as always thanks for the wonderful content David... much appreciated

Thx MR BOMBAL THIS GUY IS GREAT I M FOLLOWING HIM SINCE A SHORT TIME GREAT GUY AS ALWAYS thx

initially i thought this video is useless but keep it watching, its worth watching. thanks for making this video.

Following Chris's channel, brilliant guy and amazing teaching and explaining talent. Just as you are, David.

even if i don't know what the lesson talking about isupport you our really legend. from somalia👌👌👌

I love how encryption works(Hand-shake's),please do more of TCP i loved the way the three way handshake works,remind's me of my CCNA days 2013.Excellent explanation with Wireshark.

Great content as usual, thanks David. As you suggested, If Chris could do a deep dive into tcp it would be greatly appreciated!!!

Good Questions from you David....one candid feedback to Chris is to stick to topic and be Crisp with concept instead of emotional quotient....we know its tough subject but we are here to learn the same

Probably the 4th time listening to this and I continue to learn and understand more each time I come back to it 🥳🙌

Chris's videos are very good. I've learned a lot from Chris and he's helped me advance in my career.

This guy makes a lot of sense. Thank you David for this video, I already subscribed to Chris' channel

Wow! I had tls handshake issue, found wireshark, and now exploring whole new world of tcp tls http - great idea to explain all this thing from packet point of view!

My first wireshark video and it's awesome! Please make more of them!

You are asking very deep questions David Bombal, thank you for making it easy.

Really really good teaching skill at both sides, David's a d Chris's. This content is gold !

Wow! Great Video. Loved it. Thank you both. David's guests are awesome. I'm so glad and thankful to David for introducing us to so many Industry Experts and High Class content. Eagerly waiting for the next part of this video.

As always great content David, I have learned today about Quic, I was not aware. Looking forward for another video of you both. Thanks for sharing another great video.

@David @Chris, i learned a lot more in this single video than ever for TCP/Wireshark :) Thanks for the video. WAITING FOR THE NEXT PART

Wow!! what a fantastic series. Topi cs are very well appreciated and sure helpful for troubleshooting and debug . Thanks a lot David and Chris. I am ready for more.

I'll just say this, go as deep as you like. LOVE this content.

extremely valuable content guys. Will definitely be following Chris as well.

Love people when sharing knowledge, thanks both for the thorough explanation!

Always great content David!! I see the links have a Pluralsight course. I am singing up now to for a deeper dive!! Of course I have to subscribe to Chris' channel as well!! Thanks so much!!

Detailed Deep Dive into TCP? YES PLEASE!!!

Nice and I appreciate finding Chris's channel thru this. And I get showing how this works on the client side and forcing the machine to store the keys...but there's zero practical application in this. I know, educational purposes for people who don't fully grasp how this works, I get it. But show me this working on SNIFFED traffic you've gotten from an MITM attack and then I'll be impressed 🤣😂

Thank you David and Chris this video was awesome! Would love to see a future video explaining how you could possibly start sniffing public traffic and somehow organizing the stored keys to ip addresses. Your videos inspire me to keep going after it David! Thank you again

13:30 Packets & Keylogs
14:00 TLS how it works
19:00 steps
24:15 let’s start

Thanks David for introducing us to Chris just subscribed to his channel for all his great content too

iy's a primordial topic for networking, yes please we want more for wireshark packet analyzing

This is exactly what I was trying to figure out thank you guys

Great content as usual, Thanks David & Chris!. and yes definitely wanna see a deep dive into TCP & other protocols.

Great Video, Great Explanation and i am Looking forward for more Deep Dives with David, Chris and the Shark ;-)

An extremely motivating video. Made me want to learn some more with every information that have been mentioned. Thank you both for such a great work and approach in which you are handeling this topic.

I'm getting hooked on tcp, amazing content. Thanks

Thank David , please do more interviews with Chris, Wire Shark is a beast tool.

Awesome video! More please!

You truly know how to ask the right questions at the right time. You're simply brilliant. Thx for getting me hooked to your lessons :)

This wireshark lesson are incredible interesting! Please, make another one, two or more!

I really like the questions you ask David, always on spot

wow perfect timing, actually I started learning Wireshark a week ago

What a nice guy! Just discovered this channel and it's super interesting!

More of this! This was really interesting and educational. Brilliant Vid as always!

Wooow, this is nice session. Am so happy for this David, hope we will have part 2 of this.

LOVE THIS!!!! Definitely want more - thanks so much!

Thanks David, Chris has his own UA-cam channel witches is fantastic 😀

I knew this protocol aren't really secured until I saw your video explained my doubtfulness. Great content I like it! And defo subscribe your channel!

This is awesome.
Thanks for being so unselfish with the knowledge you guys got.
I appreciate
More, Please More.

Dave, Chris, thank you for your time.

Loved this video. Used to do packet caps a while back but got more high level at the Application level with Splunk. Great recommendation UA-cam Gods lol. Fantastic conversation! New subs and looking at more vids for sure.

This Chris dude in god of Wireshark he knows everything about it and he is also god of tcp

Yes very interested in more on this, as I use Wireshark too, but still learning it really! Already know most of what this is, but yes more would be nice and also ways to better protect oneself. Also, don't use Windows either, Linux yes, so am hoping that could be considered one layer to help as well, as I really don't think Windows is better at anything.

chris you are a very good teacher ,thanks a lot , and David is a very good host.

Thanks David and Chris for the content.
Question to Chris: How do you create all of those profiles in Wireshark ? (At the bottom right corner) Do they have some config / filters applied, right? Keep bringing some content like this David.
Thanks to both of you!
Subscripted to Chris YT channel from now

Yeahh man, Chriss is such a good teacher i would like to get a cours a to z about wireshark

Yes 👍 you both are very good together as in I am actually understanding so it would be nice if you both can present another video together

Exciting video, let´s go for more. I appreciate it.

Hi David its interesting to see live demo how TLS ,TCP works in real ,thanks for bringing this your channel .TCP party like it.crazy about it .

I want to learn everything there is to know about wireshark. Sign me up David.

wt a session.. thankz mr david for introducing new educated people that really helps us to make our journey better.. also u breakdown some questions and clarify all thing while session goes.. thnQ again🥰❤

Wow !!! We definitely need more this !!!! Thanks David and Chris !!!!

Very very interesting video David! Thank you aswell for asking those extra questions, for people like me who are new to this sort of stuff.

Very interesting !!! God bless both of you with good health and wealth...

Thanks David from India I am follower of your I love your content sooooooo much

Yes more with Chris and Wireshark please.

I’d like to see a session on the pros and cons of symmetric and asymmetric cryptography and an example of how a symmetric encryption key is exchanged between a client and server using asymmetric cryptography as I think it would help a lot of people with CEH and CISSP 😉

I like the way he said that, “syn-syn/ack-ack”. That makes it easier to remember. Yes I’m a noob.

I'm very interested to see more. Thank you for the video!

Great Content David, Looking forward for the next video.

Very informative. Keep makin this kinda videos.

I am so excited Chris is here!!!

Great video... thank you David and Chris!

Worthy video after long gap regards networking

That looks very interesting, to be honest. Please post more videos like this. Thanks a lot!

@DavidBombal Hey David, feller "Cyber" Security pro here... I would love to see a video on configuring wireshark to capture ja3(s) fingerprints as well. For it's a pretty cool hash getting more popular in investigations and such. Thanks for the good work mate

YEEEESSS from me!!! This is best series EVER!!!

Absolutely baller content, would watch hours of this if you have it

big like for you and your awesome guest!

Superb content. Look forward to hearing the info about http 2 & quic.

Hi David, is there a 2nd part of this video? It stops at 31:00 just when Chris was going to explain the differences between HTTP 1 vs 2, he says "HTTP 1"...then a ad pops-up and video ends :( Can we see the remaining video to show the decryption in full?