Files

comparing apple to orange

Comparison of tools that extract files from PCAP

| | Chaosreader, extract, Files, FTP, http, http2, IEC-104, IMAP, LPD, LPR, NetworkMiner, NFS, njrat, pcap, POP3, smb, SMB2, smtp, Suricata, tcpflow, TFTP, Wireshark, Zeek
One of the premier features in NetworkMiner is the ability to extract files from captured network traffic in PCAP files. NetworkMiner reassembles the file contents by parsing protocols that are used to ...
NETRESEC Network Security Blog
pyramid of pain

Hash Hunting: Why File Hashes are Still Important

| | Featured Articles, Files, hashes, IT Security and Data Protection, security, Threat Intelligence
According to Gartner, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable intelligence. When security research teams or government agencies release threat intelligence reports, some of the more tactical ...
The State of Security

The Masquerade Ball: Train Yourself to Detect Spoofed Files

| | .exe, Featured Articles, Files, IT Security and Data Protection, Masquerade, spoofing
Masquerading is a technique used in which a file name is maliciously named something similar to one which may be trusted. This specific technique is outlined in detail in the MITRE ATT&CK ...
The State of Security