Emotet C2 and Spam Traffic Video
This video covers the life cycle of an Emotet infection, including the initial infection, command-and-control traffic, and spambot activity sending emails with malicious spreadsheet attachments to infect new victims. The video cannot be ...
Start Menu Search Video
In this video I demonstrate that text typed into the Windows 10 start menu gets sent to Microsoft and how that traffic can be intercepted, decrypted and parsed. The video cannot be ...
Walkthrough of DFIR Madness PCAP
I recently came across a fantastic digital forensics dataset at dfirmadness.com, which was created by James Smith. There is a case called The Stolen Szechuan Sauce on this website that includes forensic ...
Detecting Cobalt Strike and Hancitor traffic in PCAP
This video shows how Cobalt Strike and Hancitor C2 traffic can be detected using CapLoader. I bet you're going: 😱 OMG he's analyzing Windows ...
Video: TrickBot and ETERNALCHAMPION
This video tutorial is a walkthrough of how you can analyze the PCAP file UISGCON-traffic-analysis-task-pcap-2-of-2.pcap (created by Brad Duncan). The capture file contains a malicious Word Document (macro downloader), Emotet (banking trojan), ...
Detecting the Pony Trojan with RegEx using CapLoader
This short video demonstrates how you can search through PCAP files with regular expressions (regex) using CapLoader and how this can be leveraged in order to improve IDS signatures.
Examining Malware Redirects with NetworkMiner Professional
This network forensics video tutorial covers analysis of a malware redirect chain, where a PC is infected through the RIG Exploit Kit. A PCAP file, from Brad Duncan's malware-traffic-analysis.net website, is opened ...