Packet analysis is one of the important skills that a security professional should master. Today we will be using the world's leading network traffic analyzer, Wireshark, for malware traffic analysis.
Wireshark is a popular network protocol analyzer tool that enables you to gain visibility into the live data on a network. It’s a free and open-source tool that runs on multiple platforms.
🌏Web Site
hackexplorer.net/
💾Sample files in video
github.com/HackeXPlorer/Chann...
Timestamps
0:00 Introduction
0:35 Wireshark quick intro
0:46 What are IOCs?
1:35 Wireshark interface
2:38 Protocol Hierarchy - Understand traffic
3:56 Using filters
4:38 Adding columns to the interface (HTTP destination)
5:28 Find source and destination port
6:58 Finding the infected files downloaded
9:26 Finding hash values of the files
10:06 Using VirusTotal
11:43 Find infected website
12:26 Find IP address of the infected site
12:44 Find the MAC address of the infected machine
12:56 Find the Hostname of the infected machine
14:24 Actions on the findings
15:05 More learning - Wireshark 101
15:24 More exercises on www.malware-traffic-analysis.net
Download Wireshark
www.wireshark.org/download.html
Download Malware traffic sample
www.malware-traffic-analysis.n...
Main site: www.malware-traffic-analysis.net/
HashMyFiles
HashMyFiles is a small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files in your system.
Download: www.nirsoft.net/utils/hash_my...
Hishan Shouketh 2019
Facebook
/ hackexplorer
Twitter
/ hack_explorer
Instagram
/ hackexplorer