Wireshark

Network Diagram

Video: TrickBot and ETERNALCHAMPION

| | CapLoader, Emotet, ETERNALCHAMPION, HybridAnalysis, malware-traffic-analysis, Network Forensics, NetworkMiner, pcap, TrickBot, trickster, video, videotutorial, VirusTotal, Wireshark
This video tutorial is a walkthrough of how you can analyze the PCAP file UISGCON-traffic-analysis-task-pcap-2-of-2.pcap (created by Brad Duncan). The capture file contains a malicious Word Document (macro downloader), Emotet (banking trojan), ...
NETRESEC Network Security Blog
Hack.lu 2018: Mind The (Air)Gap - Erez Yalon and Pedro Umbelino

Smart Bulb Offers Light, Color, Music, and… Data Exfiltration?

| | android, BLEAH, Blog, data exfiltration, Internet of things, iot, mobile application, Smart Bulbs, Sniffing, Technical Blog, Ubertooth, Wireshark, Zengge
Smart bulbs are widely known as a successful offering in home automation and IoT products, as they are internet-capable light bulbs that allow home users to customize the colors, schedule on and ...
Blog – Checkmarx
SEC-T 0x0B: Steve Miller - Reversing the TriStation Network Protocol

Reverse Engineering Proprietary ICS Protocols

| | BSI, Dragos, ICS, Nozomi, pcap, protocol, reverse, SCADA, SEC-T, snort, Steve Miller, TRISIS, TriStation, triton, Wireshark
One of the highlights at this year's SEC-T conference in Stockholm was Steve Miller's talk titled 'Reversing the TriStation Network Protocol'. In this talk Steve covered his quest to better understand the ...
NETRESEC Network Security Blog
Interesting Screenshots at Revolution 3 Tour

Interesting Screenshots at Revolution 3 Tour

| | Off Topic, Revoution 3, Wireshark
Recently, my wife and I attended the Revolution 3 tour with Stone Temple Pilots, Bush, and The Cult. During Bush’s set, we heard “This is War” from the deluxe edition of 2017’s ...
The State of Security
Free tools: Internet traffic monitoring

Free tools: Internet traffic monitoring

| | bitmeter, fiddler, network monitoring, resmon, tcpview, technology, url revealer, Windows, Wireshark
There are many reasons why you might want to start Internet traffic monitoring, especially if you're a security enthusiast or amateur analyst. We list some free tools that have different use cases ...
Malwarebytes Labs

Searching for a needle in a pcap haystack with pyshark

| | pcap, pyshark, python, Wireshark
Faced with a bit of a challenge recently: I had a large (multi-megabyte) packet capture file from Wireshark and needed to extract information from the start of each SSL/TLS session in the ...
Info Loss