diff --git a/malware-analysis_ref_and_memo.md b/malware-analysis_ref_and_memo.md index 86dddbc..e21fda4 100644 --- a/malware-analysis_ref_and_memo.md +++ b/malware-analysis_ref_and_memo.md @@ -82,10 +82,16 @@ DFIR,マルウェア解析,OSINTに特化したUbuntuベースのディスト ### Traffic Analysis tools - **[Wireshark](https://www.wireshark.org/download.html)** + - + - http/httpsリクエストを表示/宛先ホスト・サーバ名を確認 + ``` + http.request or ssl.handshake.type == 1 + ``` - CLI版はTShark - ref: - [Wireshark Tutorial,Unit42(2019)](https://unit42.paloaltonetworks.com/tag/tutorial/) - [Decrypting SSL/TLS traffic with Wireshark](https://resources.infosecinstitute.com/decrypting-ssl-tls-traffic-with-wireshark/) + - [Wireshark Tutorial: Decrypting HTTPS Traffic](https://unit42.paloaltonetworks.com/wireshark-tutorial-decrypting-https-traffic/) - **tcpdump** - **[Scapy](https://scapy.net/)** - **[Fiddler](https://www.telerik.com/fiddler)**
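Review bot: the first added line under the Wireshark entry, `+ -`, is an empty list item that will render as a blank bullet between the tool name and the new "http/https" note; it looks like a leftover and should be dropped so the hunk adds only the filter description and its fence. The added fence itself has no language tag, unlike the style the rest of the file uses for display filters elsewhere; tagging it (for example as a plain text block) keeps the rendered formatting consistent. The filter content `http.request or ssl.handshake.type == 1` is a reasonable pair for spotting HTTP requests and TLS Client Hello messages, though a short inline comment that `ssl.handshake.type == 1` matches the Client Hello (where the SNI server name is visible) would make the bullet text "宛先ホスト・サーバ名を確認" self-explanatory to readers who do not know the handshake type codes.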