• Dissecting the Client Hello with Pyshark - Katherine Leese

This talk covers using Pyshark for network capture files, focusing on accessing nested elements in network packets, particularly within Client Hello packets, including encryption suites and TLS versions. It provides a guide on effectively using Pyshark, addressing the gaps in current documentation and offering practical insights. The session will cover the basics of loading pcap files, inspecting packet types and layers, and using commands to list packet layers and extract details. It includes a practical example of extracting offered encryption suites from Client Hello packets to ensure secure encryption methods. By applying Wireshark display filters in Pyshark, packets can be identified efficiently. Key issues and solutions when using JSON and Python objects will be highlighted, helping avoid errors and process data smoothly.