Tags » Pcap

Deadly Arthropod Hack The Box Forensics Challenge Walkthrough

This one I did with a Perl script out of stubbornness back in December 2019. I solved 50 challenges that month! This was one of my favorites.

Hacking Walkthroughs

HOWTO: Generate and Send FlowControl MAC Pause frames :: from linux

  1. To generate a flow control MAC pause frame, run the following:
    echo 0000 01 80 C2 00 00 01 00 00 00 00 00 00 88 08 00 01 FF FF 00 00 |
    text2pcap - /tmp/flow-control.pcap…
Linux

How to Quickly Analyze a PCAP File

I am so excited to introduce NFPA – a Network Forensic Processing & Analysis tool!

NFPA – Network Forensic Processing & Analysis

My purpose behind the NFPA tool is to provide Cybersecurity analysts a more efficient and automated (“click & forget”) means of executing commonly-used, open-source network forensics utilities and analysis queries against a piece of network evidence (PCAP).

Info Security

Initial Security Onion Problems

I have been working on implementing Security Onion in a production environment. The two major problems that have given me headaches so far are storage on the sensor nodes, and internal networking.

Tool Review

Python Scapy - capture packets and display contents in .pcap using tshark

# Use scapy to capture some packets.
##########################################################################
>>> packets=sniff(count=10, iface="ens33")
>>> packets
<Sniffed: TCP:3 UDP:0 ICMP:0 Other:2>

# Install tshark on CentOS7.5
##########################################################################
# yum whatprovides *tshark*

Beginner

Optimizing WLANPi Extcap with Frame Slice Option

Background

Results from my previous post comparing WLANPi Extcap with Ekahau Capture + Sidekick, and a 9-year-old iMac convinced me that Ekahau Capture outperforms WLANPi Extcap considerably.

Learning VPP: Trace with Wireshark

Overview

Each node in VPP is equipped with the ability to trace packets. This is a great debugging tool for investigating issues with traffic.

High Speed Networking