Network traffic analysis (NTA)

Spot and probe network anomalies using industry tools and techniques.

---

Testlab

• Network traffic analysis tools

---

TryHackMe rooms

Wireshark

• Introduction
• Nmap scans
• ARP poisoning & on-path
• Identifying hosts
• Tunneling traffic
• Clear-text protocol analysis
• Encrypted protocol analysis
• Hunt clear-text credentials
• Firewall rules

Snort

• Introduction
• Writing IDS rules
• MS17-010
• Log4j
• Brute force
• Reverse shell

Zeek

• Introduction
• Network security monitoring
• Signatures
• Scripts
• Scripts and signatures
• Frameworks
• Packages
• Anomalous DNS
• Phishing
• Log4J

Brim

• Introduction
• Use cases
• Malware C2 detection
• Crypto mining

---

Root-me challenges

• Introduction
• FTP authentication
• TELNET authentication
• ETHERNET frame
• Twitter authentication
• Bluetooth Unknown file
• CISCO password
• DNS zone transfer
• IP Time To Live
• LDAP null bind
• POP-APOP
• SIP - authentication
• ETHERNET patched transmission
• Global system traffic for mobile communication
• SSL HTTP exchange

---

Books