Al-Hikmah University Journal

In the digital age, securing network communications is critical, with HTTP and HTTPS protocols being integral to web data transfer. Despite HTTPS providing enhanced security through TLS encryption, both protocols exhibit vulnerabilities that can be exploited by attackers. This study explores how Wireshark, a powerful network protocol analyzer, can be utilized to detect and mitigate these vulnerabilities. Through the examination of HTTP traffic and the decryption of HTTPS traffic, the research identifies common weaknesses such as session hijacking, man-in-the-middle attacks, and information leakage. The analysis includes inspecting the TLS handshake process and the security of various cipher suites, highlighting the potential risks associated with outdated or improperly configured protocols. A methodology involving the capture and detailed analysis of network traffic using Wireshark is presented, supported by case studies on several websites. The findings underscore the necessity of robust encryption practices, regular security audits, and proper certificate management to enhance the security of network communications. By adopting these strategies, organizations can significantly reduce their exposure to potential vulnerabilities, ensuring the protection of sensitive information and maintaining the trust of users.