I am about to do a short presentation in my Network Essentials class on the use of Wireshark in Digital Forensics, since my degree is focused on Advanced Digital Forensics. I am hoping to find more info on what this community finds to be the best uses of Wireshark for a digital forensics examiner.
FYI, I have read some white papers, looked at articles posted online, and used Wireshark for two semesters, so I am not looking for a basic Wireshark tutorial. There are some fantastic ones online already!
Aloha,
JJ