Wireshark
The NSA HSTS Security Feature Mystery
I recently stumbled across an NSA Cyber Advisory titled Managing Risk from Transport Layer Security Inspection (U/OO/212028-19) after first learning about it through Jonas Lejon's blog post NSA varnar för TLS-inspektion (Swedish) ...
Raspberry PI WiFi Access Point with TLS Inspection
This is a how-to guide for setting up a Raspberry Pi as a WiFi Access Point, which acts as a transparent TLS proxy and saves the decrypted traffic in PCAP files. Image: ...
Video – Wireshark for Hackers
Get a Packet Level Foundation in Incident Response! Video and Slide Deck from EH-Net Live! August 2019 For those who were able to join us live with Laura Chappell during Wireshark for ...
Top 10 Uses of Wireshark for Hackers Part II
In a world... OK, just kidding. This isn't a movie trailer. However, the ever-increasing sophistication of attacks on our networks is no joking matter. To bypass firewalls, IDS/IPS, EPS, DLP and a ...
Webinar: Wireshark for Hackers
Register Now for a Packet Level Foundation in Incident Response! Join Laura Chappell as she demonstrates Wireshark’s use as a network forensics tool. Laura will walk you through some tricks used to ...
Top 10 Uses of Wireshark for Hackers Part I
Wireshark fits nicely in any toolbox of the network forensic analyst and ethical hacker. From hundreds of dissectors that decode the protocol and application fields, to the customization capability that enables you ...
PolarProxy Released
I'm very proud to announce the release of PolarProxy today! PolarProxy is a transparent TLS proxy that decrypts and re-encrypts TLS traffic while also generating a PCAP file containing the decrypted traffic ...
Video: TrickBot and ETERNALCHAMPION
This video tutorial is a walkthrough of how you can analyze the PCAP file UISGCON-traffic-analysis-task-pcap-2-of-2.pcap (created by Brad Duncan). The capture file contains a malicious Word Document (macro downloader), Emotet (banking trojan), ...
Smart Bulb Offers Light, Color, Music, and… Data Exfiltration?
Smart bulbs are widely known as a successful offering in home automation and IoT products, as they are internet-capable light bulbs that allow home users to customize the colors, schedule on and ...
Reverse Engineering Proprietary ICS Protocols
One of the highlights at this year's SEC-T conference in Stockholm was Steve Miller's talk titled 'Reversing the TriStation Network Protocol'. In this talk Steve covered his quest to better understand the ...
