Packet Analysis

Wireshark packet analysis.

Packet capture review focused on DNS and HTTP traffic to show what plaintext protocols reveal and why transport security matters.

Tool Wireshark for packet capture and stream inspection.

Protocols DNS and HTTP in plaintext transport.

Focus Metadata exposure, requests, and traffic visibility.

Output Analysis notes, protocol observations, and filter examples.

Project view

This project looks at normal DNS and HTTP traffic and shows how much someone can learn when protocols are left in plaintext.

Project access

Start with the project notes for the overall aim. The protocol notes explain what was visible in the capture and why that matters from a security point of view.

Project notes PDF Protocol notes PDF

Analysis flow

How the packet review was structured.

01 Capture review

traffic scoped and filtered

02 DNS inspection

query metadata reviewed

03 HTTP inspection

requests and headers analysed

04 Security takeaway

plaintext risk explained

Basic overview

This project inspects ordinary DNS and HTTP traffic in order to show how plaintext protocols expose metadata and user activity to anyone who can observe the traffic.

The aim was to use packet analysis to make the security risk clear: even when there is no malware involved, plaintext transport can reveal enough information to matter.

What was inspected

DNS lookups showing requested domains and resolution behaviour.
HTTP requests showing URIs, headers, and host information.
Traffic filters used to isolate the protocols cleanly in the capture.
Session details that demonstrate why plaintext visibility matters.

Why it matters

The security value here is understanding what can be observed before encryption is applied. That matters for both network monitoring and explaining why secure transport is needed.

What it shows

This project shows protocol awareness, careful traffic inspection, and the ability to turn packet-level observations into a clear security explanation.