2021年12月26日星期日

How wireshark can done in a APT situation ?

General Advice on Wireshark Examples

  • Pay attention to what Wireshark columns are used. They are not all the same, nor ordered the same.
  • These are very “clean” captures. Even without display filters, there is little to no other traffic.
  • Some things aren’t what they seem; for example, why are ICMP requests left unreplied? Much investigating needs to be done in malware analysis.
  • Much more can be gleaned from a capture; for example, trying other columns or opening Analyze ⇨ Expert Information



沒有留言:

發佈留言

歡迎留下寶貴意見

BAMBOO FOREST PEN TEST REPORT --- SSTI

  SSTI   內容 SSTI . 1 1       摘要 ... 2 2       目的和範圍 ... 2 3       測試方法和流程 ... 4 4       發現的漏洞和風險評估 ... 4 5       修復建議和策略...