Wireshark Scripting with Lua

Wireshark is a highly customizable tool for network analysis. The Lua scripting language can be used to extend nearly all aspects of Wireshark, including the definition of new protocols (protocol dissectors), event triggers, GUI elements, etc. In this hands-on training, attendees will learn how to use Lua scripts to customize Wireshark to their own needs for network analysis, protocol research, etc.

Topics of the training:

  • Introduction to the Lua scripting language and the Lua API in Wireshark
  • Write your own protocol dissectors for protocol reverse engineering, support of uncommon protocols, etc.
  • Extend existing protocol dissectors for a more detailed view of a network protocol
  • Create listeners to trigger events based on traffic patterns
  • Create your own UI elements (menus, windows, preferences) within Wireshark; file I/O
  • Application of Lua scripting for automated analysis and post-processing tasks

Requirements:

  • Basic understanding of common network protocols
  • Laptop with administrator privileges (we provide the training environment on a bootable USB thumb drive)

About the Speakers