Netresec
RawCap Redux
A new version of RawCap has been released today. This portable little sniffer now supports writing PCAP data to stdout and named pipes as an alternative to saving the captured packets to ...
Remote Packet Dumps from PacketCache
This blog post describes how to dump a packet capture (pcap file) on a remote computer, which runs the PacketCache service, and retrieve that pcap file using only PowerShell. PacketCache is a ...
NetworkMiner 2.3.2 Released!
NetworkMiner 2.3.2 was released this morning, and there was much rejoicing! Image: U.S. Navy photo by Stuart Phillips (source) This new release primarily fixes bugs related to extraction of emails and VoIP ...
NetworkMiner 2.3 Released!
The free and open source network forensics tool NetworkMiner now comes with improved extraction of files and metadata from several protocols as well as a few GUI updates. But the biggest improvements ...
Examining Malware Redirects with NetworkMiner Professional
This network forensics video tutorial covers analysis of a malware redirect chain, where a PC is infected through the RIG Exploit Kit. A PCAP file, from Brad Duncan's malware-traffic-analysis.net website, is opened ...