Threat Hunting with Pyshark: Using Open Source Python Libraries to Automate Threat Hunting

Wireshark is an incredibly powerful tool for threat hunting with network data. In this edition of #TechTalkTuesday we talk about how you can take your network threat hunting efforts to the next level in python with pyshark. We walk through how to get started with pyshark and dive into detecting malicious scanning behaviors.

Please like and subscribe to support our channel!

Chapters:
00:00 - Intro
00:27 - Diving into Pyshark
02:15 - Installing Pyshark
02:40 - Getting Started With Live Packet Data
03:37 - Getting Started With Captured Packet Data
04:25 - Accessing Field Data
06:28 - Threat Hunting and Detecting Nmap Scans with Pyshark
11:18 - Wrapping Up

Welcome to Insane Cyber!
Formerly known as Insane Forensics, we've evolved into Insane Cyber—bringing cutting-edge cybersecurity solutions to the industrial world. Our mission remains the same: delivering full-spectrum visibility, rapid response, and expert-driven security to protect critical assets.

We’re the team behind:
🔹 Valkyrie – Security automation platform for fast, actionable insights
🔹 Cygnet – Rapid-response flyaway kit for field-ready cybersecurity
🔹 Corvus – Managed security services for continuous protection
🔹 Aesir – Professional services for expert-led cybersecurity solutions

Explore our latest innovations, insights, and tech talks right here.

---------------------------------------------------------------