Introduction to Network Threat Detection with @suricata by Lukas Sismis at @openalt in Brno.
Perfect start of the conference day with analysis of #pcap from #anyrun and @malware_traffic
#weekend #education #networkforensics #BlueTeam
Get excited for SharkFest’25 EUROPE in Warsaw, packed with powerful sessions that will sharpen your packet analysis skills!
- From Full Capture to Criminal Evidence - A Real-World Case of Lawful Interception: Join Daniel Spiekermann as he walks through a forensic investigation using nothing but sustained packet captures and Wireshark.
- A Wireshark-driven approach to understanding + troubleshooting MPLS (Pierre Besombes & Juan Pablo Azar Ricciardi): Dive deep into MPLS troubleshooting with Wireshark as your guide. Explore packet structures, label exchanges, and real-world traffic engineering scenarios.
- HTTP deep dive: With HTTP/2 & HTTP/3 now ubiquitous, André Luyer demystifies modern HTTP traffic. Understand nuances like status codes, caching behavior, cookie quirks, compression, & API-troubleshooting.
Don’t miss these sessions and many more when we gather November 3–7, 2025 in Warsaw, Poland.
Secure your spot and explore the full agenda: https://sharkfest.wireshark.org/sfeu
#sf25eu #Wireshark #PacketAnalysis #NetworkForensics #MPLS #HTTP #Cybersecurity
Unmasking Cyber Threats in India
From tracking hackers to safeguarding sensitive data, network forensics is the frontline defense in the digital battlefield. 🚨
Discover its importance, must-have tools, and real-world applications in our ultimate guide. 🛡️
📖 Read more 👉 https://www.ecsinfotech.com/the-ultimate-guide-to-network-forensics-in-india/
#NetworkForensics #CyberSecurityIndia #DigitalSecurity #CyberCrime #DataProtection #TechIndia #ECSInfotech #CyberAwareness #CyberForensics #ECS
Heading to SharkFest’25 EUROPE in Warsaw? Here are just a few of the session highlights you won’t want to miss:
- From Full Capture to Criminal Evidence: A Real-World Case of Lawful Interception (Daniel Spiekermann)
- Talk with Your Packets: AI-Powered Natural Language Interaction with Packet Captures (John Capobianco)
- Shift the Conversation: Open Source is Free, But Not Free-Free (Kelley Misata)
Join us this November 3-7 in Poland and learn from some of the best in the field.
Register now: https://sharkfest.wireshark.org/sfeu
#sf25eu #Wireshark #PacketAnalysis #Cybersecurity #OpenSource #NetworkForensics
Where Do We Begin? A Network Forensic Investigator’s Steps: https://medium.com/@cyberengage.org/where-do-we-begin-a-network-forensic-investigators-steps-3b8ee8279e1d
Another tool I use is #NetworkMiner
It is a powerful open-source tool for #NetworkForensics that lets me extract artifacts such as files, images, e-mails and passwords from PCAP files. NetworkMiner can also capture live network traffic and aggregate detailed information about each IP address, which is useful for passive asset discovery and for an overview of the communicating devices.
Since 2007, NetworkMiner has grown into a popular tool for incident response teams and law enforcement agencies and is used worldwide.
For me, an indispensable tool for analyzing network data efficiently and precisely.
😀 ✌🏼
#CyberSecurity #OpenSource #DigitalForensics #InfoSec #NetworkAnalysis #DFIR
BPF Ninja: Making Sense of Tcpdump, Wireshark, and the PCAP World:
https://medium.com/@cyberengage.org/bpf-ninja-making-sense-of-tcpdump-wireshark-and-the-pcap-world-6905797b94d4
Network Analysis via PowerShell: https://medium.com/@iramjack8/network-analysis-via-powershell-4f1a7460a19b
#networkforensics #WindowsForensics #powershell #digitalforensics
#dfir #knowledgedrop #networkforensics
Came across this gem again: a nice network analysis framework
https://github.com/arkime/arkime
So there is an NDIS Capture driver in the virtual switches for Hyper-V... guess what you can do with those? :o) #pcap #packetcapture #networkforensics #dfir
I had the pleasure to be at a #NetworkForensics training by @netresec last week.
If you have the opportunity to join a training, just do it!
It has been very intense, in-depth and was a lot of fun. You'll learn a lot and you can even win a t-shirt!
Learn all about Digital Forensics, Computer Forensics, Mobile Device Forensics, Network Forensics, and Database Forensics: https://github.com/mikeroyal/Digital-Forensics-Guide
#digitalforensics #mobileforensics #networkforensics #databaseforensics
If you want to create your custom #packetsniffer based on #Scapy, the recent webcast by #ActiveCountermeasures could be a good starting point.
Bill provided a nice explanation, and his sniffer template is available on GitHub.
https://github.com/activecm/sniffer-template
https://www.youtube.com/watch?v=gO3OjyyLN40
#networkmonitoring #networkanalysis #networkforensics #networking
Top 10 #Networking #Tools & Techniques by #ActiveCountermeasures.
I had a lot of fun watching this video, and there are several useful tips & tricks by Chris and Bill.
Especially recommended: the use cases for #tshark, #tcpdump with #BPF, and counting connections per hour from PCAP and #zeek logs.
Stratosphere's Slips and the AI VPN to appear at Black Hat Europe 2023 Arsenal!
#freesoftware #cybersecurity #infosec #machinelearning #networkforensics #networkdefense #packetanalysis
I will present our @civilsphere AI VPN this week at the 20th Conference on Detection of Intrusions and Malware & Vulnerability Assessment Arsenal in Hamburg.
The AI VPN is an AI-based traffic analysis tool to detect and block threats, ensuring enhanced privacy protection automatically. It offers modular management of VPN accounts, automated network traffic analysis, and incident reporting. Using the free-software IDS system, Slips, the AI VPN employs machine learning and threat intelligence for comprehensive traffic analysis. Multiple VPN technologies, such as OpenVPN and Wireguard, are supported, and in-line blocking technologies like Pi-hole provide additional protection.
We're ready for you, #RSA! Here are 5 things to do and see at #RSAC2023:
1. Get the coolest shirt at RSA ➡️ Are you ready to rock?! 🤘 Come get your "Metadata, Master of Packets" signature t-shirt at Corelight booth #1555. Book a demo with our experts to claim your tee >> https://corelight.com/resources/events/2023/rsa#book-a-demo-rsa
2. Disrupt a cyberattack ➡️ #Cyber defenders, try your hand at our #NetworkForensics CTF simulation today at 10:00 a.m. PST in the Dark Arts Village. Sign up to join us >> https://corelight.com/resources/events/2023/rsa#ctf
3. Read our latest announcement — GPT-4 ➡️ ... then see us at booth #1555 to learn how our full range of AI and ML models enable #SOC teams to detect a wider range of sophisticated #cyberattacks >> https://corelight.com/company/corelight-to-expand-ai-usage-across-portfolio
4. Reduce risk and cost ➡️ Swing by booth #1555 to learn how to enable your SOC with Corelight + @crowdstrike, @mandiant, and more >> https://corelight.com/resources/events/2023/rsa
5. Eat tacos and drink wine ➡️ Join us and our friends at @mandiant for Taco Tuesday 🌮 and Wine Down Wednesday 🍷. Sign up for the events here >> https://corelight.com/resources/events/2023/rsa#sponsored-events
#RSAConference #NetworkSecurity #MachineLearning #ArtificialIntelligence #CyberDefense #DFIR
Join us at Nuvias booth D043 in hall 7 during Cybersec Europe 2023. We'll be presenting "The Best Cybersecurity Defense is Great Evidence" in the booth on:
- April 19 at 2:00 p.m. GMT+2
- April 20 at 11:00 a.m. GMT+2
Register to join our @corelight session today! https://mailchi.mp/dlnews.be/cybersec-europe-2023
#Cybersecurity #CyberDefence #CyberEvent #Cyber #DFIR #NetworkForensics #NetworkSecurity
Too often I think organizations focus on only protecting compute endpoints. This is a good reminder #APT #ThreatActors do still like to #compromise network devices.
Nice write up on #HiatusRAT #malware compromising routers.
#DFIR #NetworkForensics
https://blog.lumen.com/new-hiatusrat-router-malware-covertly-spies-on-victims/
If you're keen to learn more about #NetworkForensics or #NSM's, blogs like this which walk you through using #SecurityOnion, with a malicious sample from the wild, are great to practice your skills.
https://blog.securityonion.net/2023/02/quick-malware-analysis-fakebat-redline.html