JeffSoh on NetSec
A blog and discussion about music.
Threat Hunting
 Threat Hunting in a nutshell. No Big Red Easy button. Not something that can be automated. Need analysts, trained analysts. Not an automated process, not something ML can do, regardless of what ...
Nmap Basics Part 2
 Nmap Basics Part 2. Targets: Nmap can take a variety of different target ranges. CIDR notation is still supported, as in 12.30.2.0/24. You can also specify a custom range, like 12.30.2.1-64. You can mix and match ...
Nmap Basics Part 1
 Nmap 101 Tutorial. Two common types of scans: SYN scan and full connect scan. -sS - SYN scan sends a SYN packet; if it receives a SYN-ACK, it marks the port as open and sends ...
BPFs
 Introduction. What are Berkeley Packet Filters? BPFs are a raw (protocol independent) socket interface to the data link layer that allows filtering of packets in a very granular fashion[1]. BPFs were first ...
Packet Captures in the Age of TLS
 Ten to fifteen years ago, a company having FPC (full packet capture) was an indicator of the seriousness of the company's information security efforts. Having trained analysts that could use those packets ...
Pcaps and the Tools That Love Them Part 3 of ???
 From here, with header diagram in hand, you should now be able to look at a packet dump and find the value you need, by counting from offset 0 to the correct ...
Pcaps and the Tools That Love Them Part 2 of ???
There's more to a primitive under the surface, and once we discover what it's actually doing, it opens up a whole new way for us to inspect and filter packets. Let's use the ...
Pcaps and the Tools That Love Them Part 1 of ???
There are many pcap tools available, and which ones you use really depends on what you're using them for. Some are very good at just giving you the raw data, others parse ...
Being a Defender
JeffSoh | | blue team, Cyber Security, defender, Information Security, Lesley Carhart, Mike Poor, Network Security
 1. Be a student of (information security, network security, cyber security). Always strive to know what the latest tactics, trends, and tools are and implement that knowledge into Operations. 2. Never allow a ...
Intrusion Analysis 101
 If you're new to NetSec, you'll quickly find out network security is one of many silos in information security, and network security itself has many different roles. One of these roles is ...

