Network drawing with Clients, SecurityOnion and the Internet

Sniffing Decrypted TLS Traffic with Security Onion

Wouldn't it be awesome to have a NIDS like Snort, Suricata or Zeek inspect HTTP requests leaving your network inside TLS encrypted HTTPS traffic? Yeah, we think so too! We have therefore ...
SEC-T 0x0B: Steve Miller - Reversing the TriStation Network Protocol

Reverse Engineering Proprietary ICS Protocols

One of the highlights at this year's SEC-T conference in Stockholm was Steve Miller's talk titled 'Reversing the TriStation Network Protocol'. In this talk Steve covered his quest to better understand the ...
Pony using curl to set: Accept-Encoding: identity, *;q=0

Detecting the Pony Trojan with RegEx using CapLoader

This short video demonstrates how you can search through PCAP files with regular expressions (regex) using CapLoader and how this can be leveraged in order to improve IDS signatures.
EH-Net - Kendall - Hacking Retro

Hacking Retro

Bring out your disco ball, your leg warmers, and your VHS tapes! While a lot of us watch the VH1 hit “I Love the 80s” for pop culture, I’m always drawn to ...
Toolsmith – GSE Edition: Scapy vs CozyDuke

NFAT, nsm, python, Scapy, snort
In continuation of observations from my GIAC Security Expert re-certification process, I'll focus here on a GCIA-centric topic: Scapy. Scapy is essential to the packet analyst skill set on so many levels ...