#starwars #indianajones #pcap #videogames dcdouglas.com/talent-spotl...
Capture File Forensics running on a MacBook Air
Capture File Forensics 4.4 has been released.
Uncover the security, performance, and configuration issues lurking in your capture files.
#NetworkAnalysis #pcap #networking #network #cyber #security #Wireshark
✨ DFRWS EU 2026 Workshops Led by Erik Hjelmvik (Netresec, Sweden), the session is designed for practitioners and researchers working with network and memory forensics in real-world investigations. 📍 Workshop Dates 23–24 March 2026 🧿 Details here: https://buff.ly/oT8OtbE
#MemoryForensics #PCAP #TOR
Russian messenger MAX spotted contacting foreign IP-detection services and competitors' servers ...
#max #макс #мессенджер #android #pcapdroid #pcap #vpn #прокси #geoip
Hey Everyone! Super excited for my latest guest @ivansherry1! It was such a great discussion, thank you so much for being on the show. Tune in next week for @taryn_up_vo! buff.ly/Enxwayu Thank you so much for listening and your support!
#voiceactingstories #voiceacting #podcast #mocap #pcap
Capture File Forensics running on a MacBook Air
Capture File Forensics 4.3 has been released.
Uncover the security, performance, and configuration issues lurking in your capture files.
#NetworkAnalysis #pcap #networking #network #cyber #security #Wireshark
Screenshot of my blog post with the files and information from this infection.
Screenshot of the email with an attached RAR archive.
The malware, extracted from the attached RAR archive.
Traffic from the infection filtered in Wireshark.
2026-02-03 (Tuesday): #GuLoader for #AgentTesla style malware with FTP data exfiltration. A #pcap of the infection traffic, associated files, and a list of indicators are available at www.malware-traffic-analysis.net/2026/02/03/i...
2026-01-19 (Monday): Catching up on two infections in my lab from last week, and I added an entry with a #pcap of scans and probes and web traffic hitting my web server. Feel free to check out my latest posts at www.malware-traffic-analysis.net/2026/index.h...
Or not. I'm not the boss of you.
🚀 Discover how to merge and split pcap files in seconds! Ideal for network analysts and enthusiasts. Ready to optimize your workflow? 🔧💡 #pcap #networkanalysis #techtips
Some of the scans, probes, and web traffic from the pcap filtered in Wireshark.
HTTP stream of the last HTTP request in the pcap showing a POST request that retrieves malicious content from a server at 91.92.241[.]10.
Using the wget command to retrieve one of the malicious files from the server at 91.92.241[.]10 on Sunday, 2026-01-11.
Example of a shell script downloaded from 91.92.241[.]10 on Sunday, 2026-01-11, likely for Mirai botnet malware.
2026-01-10 (Saturday): Ten days of scans, probes, and web traffic hitting my web server. A #pcap of the traffic is available at www.malware-traffic-analysis.net/2026/01/10/i...
Screenshot of the email, its attachment, and the VBS file within the attachment for VIP Recovery malware.
Traffic from the infection filtered in Wireshark.
TCP stream of the unencrypted SMTP traffic from one of the data exfiltration emails sent by my infected lab host.
Screenshot of the start of my blog post with information on this VIP Recovery infection.
2026-01-09 (Friday): #VIPRecovery infection from an email attachment. A #pcap of the infection traffic, associated files, and more information are available at www.malware-traffic-analysis.net/2026/01/09/i...
Fake CAPTCHA window and ClickFix script after visiting a legitimate but compromised website.
Traffic from the infection filtered in Wireshark (part 1 of 2).
Traffic from the infection filtered in Wireshark (part 2 of 2).
Screenshot from the start of the page for this blog post.
2026-01-08 (Thursday): Got a full infection from #KongTuke campaign #ClickFix activity today. Traffic from the infection in two #pcap files, the associated malware, artifacts, and further information are available at www.malware-traffic-analysis.net/2026/01/08/i...
One of the emails and its associated attachment for MassLogger malware.
Traffic from the infection filtered in Wireshark.
Example of a data exfiltration email sent from an infected host in my lab.
2026-01-07 (Wednesday): #MassLogger infection from email attachment. Copies of the emails, associated malware, indicators, and a #pcap of the infection traffic are available at www.malware-traffic-analysis.net/2026/01/07/i...
Example of a legitimate but compromised site showing the SmartApeSG fake CAPTCHA page.
HTTPS URLs from the infection run.
Traffic from an infection filtered in Wireshark.
Remcos RAT infection persistent on an infected Windows host.
2026-01-06 (Tuesday): #SmartApeSG CAPTCHA page uses #ClickFix technique to push #RemcosRAT, with #Remcos #RAT C2 server at 192.144.56[.]80. A #pcap of the traffic, the Remcos RAT #malware, and a list of indicators are available at www.malware-traffic-analysis.net/2026/01/06/i...
A screenshot of my blog post for the Lumma Stealer infection
Traffic from the Lumma Stealer infection filtered in Wireshark.
2026-01-01 (Thursday): #LummaStealer infection with follow-up malware. A #pcap of the infection traffic, the #Lumma #Stealer files, and a list of IOCs are available at www.malware-traffic-analysis.net/2026/01/01/i...
#Data #extraction #pcap
Origin | Interest | Match
Screenshot of my blog post to share information on this Lumma Stealer infection with follow-up malware.
2025-12-30 (Tuesday): #LummaStealer infection with follow-up malware. A #pcap of the infection traffic, the associated #Lumma with follow-up #malware samples, and some IOCs are available at www.malware-traffic-analysis.net/2025/12/30/i...
Downloading the initial file, a DMG image.
Screenshot showing the malicious downloaded DMG image and the associated malicious Mach-O file within the installer.app content.
Traffic generated by the MacSync Stealer malware, filtered in Wireshark.
Example of the data exfiltrated through the MacSync Stealer C2 traffic.
2025-12-23 (Tuesday): Based on yesterday's Jamf article, I ran the fake installer for #MacSyncStealer in my lab on a macOS host. A #pcap of the #MacSync #Stealer traffic, the associated IOCs, the #malware sample, and a link to the Jamf article are at www.malware-traffic-analysis.net/2025/12/23/i...
Capture File Forensics running on a MacBook Air
Capture File Forensics 4.1 has been released.
Uncover the security, performance, and configuration issues lurking in your capture files.
#NetworkAnalysis #pcap #networking #network #cyber #security #Wireshark
NetworkMiner 3.1 Released!
🔑 More usernames, passwords and hostnames from #PCAP
💻 Improved user interface
👾 Better details from malware C2 traffic
netresec.com?b=25C4039
NetworkMiner 3.1 Released!
🔑 More usernames, passwords and hostnames extracted
:terminal: Better user interface
👾 More details from malware C2 traffic
https://netresec.com/?b=25C4039
Capture File Forensics version 4.0 running on a MacBook Air
Are Amplification Attacks, SYN Floods, Ping Sweeps, Port Scans, Duplicate IP Addresses, Segment Gaps, ARP Request Storms, Zero Windows ... lurking in your capture files?
Find out with Capture File Forensics version 4.0 apple.co/4onAVxD
#pcap #packetcapture #forensics #security #monitoring #Wireshark
The analyzed #PCAP file can be found here:
https://tria.ge/251028-3g9yps1ncr/behavioral1
Capture File Forensics 3.1 update announcement
Amplification Attacks, SYN Floods, Ping Sweeps, Port Scans, Duplicate IP Addresses, Segment Gaps, ARP Request Storms, Extraneous Data …
Are they lurking in your capture files? Find out with Capture File Forensics.
apple.co/4onAVxD
#pcap #packetcapture #forensics #security #monitoring #Wireshark
I uncover data hidden in network traffic, from identifying device information to analyzing anomalous behaviors in my new write-up “Network Forensics with NetworkMiner”.
#CyberSecurity #NetworkForensics #DFIR #PCAP #NetworkMiner
Learn how to move, act, and perform for video games!
Join Trine C. Jensen for MoCap & PCap 101, a 4-week course built to kickstart your game-acting career.
🗓 Nov 11, 18, 25 & Dec 2
🔗 Sign up at acting.skillshub.life
#SkillsHubLife #GameActing #MoCapTraining #PCap