As a Threat Intelligence Analyst for Palo Alto Networks Unit 42, I often use Wireshark to review packet captures (pcaps) of network traffic generated by malware samples. To better accomplish this work, I use a customized Wireshark column display as described in my previous blog about using Wireshark. Today's post provides more tips for analysts to better use Wireshark. It covers display filter expressions I find useful in reviewing pcaps of malicious network traffic from infected Windows hosts. Pcaps for this tutorial are available here.