Testlab
Network traffic analysis tools
Wireshark
Introduction
What?
Why?
How?
Nmap scans
Questions
ARP poisoning & on-path
Questions
Identifying hosts
Questions
Tunneling traffic
ICMP analysis
DNS analysis
Questions
Clear-text protocol analysis
FTP analysis
HTTP Analysis
User-Agent analysis
Questions
Encrypted protocol analysis
Decrypting HTTPS Traffic
Questions
Hunt clear-text credentials
Questions
Firewall rules
Questions
Snort
Introduction
What?
Why?
How?
Writing IDS rules
HTTP
FTP
Images
PNG
GIF
Torrent metafiles
Resources
MS17-010
Log4j
Brute force
Reverse shell
Zeek
Introduction
What?
Why?
How?
Network security monitoring
Network monitoring
Network security monitoring
Signatures
Questions
HTTP
FTP
Scripts
GUI vs scripts
Customized script locations
Questions
Resources
Scripts and signatures
Questions
Frameworks
Questions
Resources
Packages
Questions
Resources
Anomalous DNS
Questions
Phishing
Questions
Log4J
Questions
Brim
Introduction
What?
Why?
How?
Use cases
Malware C2 detection
Questions
Crypto mining
Questions
Root-me challenges
Introduction
What?
Why?
How?
FTP authentication
TELNET authentication
ETHERNET frame
Twitter authentication
Bluetooth Unknown file
CISCO password
Resources
DNS zone transfer
IP Time To Live
LDAP null bind
Resources
POP-APOP
Resources
SIP - authentication
ETHERNET patched transmission
First frame
Second frame
Third frame
Fourth frame
Resources
Global system traffic for mobile communication
Resources
SSL HTTP exchange
Resources
Network traffic analysis (NTA)