Network Diagram

Video: TrickBot and ETERNALCHAMPION

This video tutorial is a walkthrough of how you can analyze the PCAP file UISGCON-traffic-analysis-task-pcap-2-of-2.pcap (created by Brad Duncan). The capture file contains a malicious Word Document (macro downloader), Emotet (banking trojan), ...
Hack.lu 2018: Mind The (Air)Gap - Erez Yalon and Pedro Umbelino

Smart Bulb Offers Light, Color, Music, and… Data Exfiltration?

Smart bulbs are widely known as a successful offering in home automation and IoT products, as they are internet-capable light bulbs that allow home users to customize the colors, schedule on and ...
SEC-T 0x0B: Steve Miller - Reversing the TriStation Network Protocol

Reverse Engineering Proprietary ICS Protocols

One of the highlights at this year's SEC-T conference in Stockholm was Steve Miller's talk titled 'Reversing the TriStation Network Protocol'. In this talk Steve covered his quest to better understand the ...
Interesting Screenshots at Revolution 3 Tour

Recently, my wife and I attended the Revolution 3 tour with Stone Temple Pilots, Bush, and The Cult. During Bush’s set, we heard “This is War” from the deluxe edition of 2017’s ...
Free tools: Internet traffic monitoring

There are many reasons why you might want to start Internet traffic monitoring, especially if you're a security enthusiast or amateur analyst. We list some free tools that have different use cases ...

Searching for a needle in a pcap haystack with pyshark

pcap, pyshark, python, Wireshark
Faced with a bit of a challenge recently: I had a large (multi-megabyte) packet capture file from Wireshark and needed to extract information from the start of each SSL/TLS session in the ...