PacketTotal is a free tool for analyzing packet captures that has recently been offered to the infosec community. Available online, the tool is powered by a Python-based engine and uses several open source technologies:

- Bro IDS for identifying the various protocols and extracting artifacts found within the capture.
- Suricata IDS for signature-based identification of known malicious traffic within the capture.
- Elasticsearch for indexing packet-capture metadata and making it available for search and rendering in the future.

PacketTotal is meant to provide security analysts and researchers with useful information in a matter of minutes: artifacts inside the packet capture, the TCP, UDP, and ICMP connections within the capture, the protocols in use, and so on. The found artifacts can also be downloaded.

The author is Jamin Becker, and his main goal is to allow open intel sharing of malicious packet captures across the infosec community.
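As an added illustration of the pipeline described above, and not PacketTotal's own code (its engine is not shown on this page), the following Python example parses Bro conn.log records, counts the TCP, UDP and ICMP connections, and renders each record as Elasticsearch `_bulk` API lines ready for indexing. The sample log rows are constructed for the example, and the index name `pcap-meta` and the column set are assumptions.

```python
import json
from collections import Counter
from typing import Dict, List

# Constructed sample in Bro/Zeek conn.log layout (tab-separated, '#fields' header).
# These rows are made up for this example; they are not from a real capture.
SAMPLE_CONN_LOG = (
    "#separator \\x09\n"
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice"
    "\tduration\torig_bytes\tresp_bytes\tconn_state\n"
    "1500000001.100000\tCAbc1\t10.0.0.5\t49152\t93.184.216.34\t80\ttcp\thttp\t0.250000\t512\t2048\tSF\n"
    "1500000002.200000\tCAbc2\t10.0.0.5\t53001\t10.0.0.1\t53\tudp\tdns\t0.010000\t64\t128\tSF\n"
    "1500000003.300000\tCAbc3\t10.0.0.5\t-\t10.0.0.1\t-\ticmp\t-\t0.000000\t56\t56\tOTH\n"
    "1500000004.400000\tCAbc4\t10.0.0.5\t49153\t93.184.216.34\t443\ttcp\tssl\t1.500000\t1024\t8192\tSF\n"
)

# Types Bro uses for these conn.log columns; any column not listed stays a string.
NUMERIC_FIELDS = {
    "ts": float, "duration": float,
    "id.orig_p": int, "id.resp_p": int,
    "orig_bytes": int, "resp_bytes": int,
}


def parse_conn_log(text: str) -> List[Dict[str, object]]:
    """Parse Bro conn.log text into dicts keyed by the '#fields' header.

    '-' is Bro's unset marker and becomes None (ICMP rows, for instance, carry no ports).
    """
    fields: List[str] = []
    records: List[Dict[str, object]] = []
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
            continue
        if line.startswith("#"):
            continue  # other metadata lines (#separator, #path, #close, ...)
        values = line.split("\t")
        if len(values) != len(fields):
            raise ValueError(f"column count {len(values)} != header {len(fields)}: {line!r}")
        record: Dict[str, object] = {}
        for name, raw in zip(fields, values):
            if raw == "-":
                record[name] = None
            elif name in NUMERIC_FIELDS:
                record[name] = NUMERIC_FIELDS[name](raw)
            else:
                record[name] = raw
        records.append(record)
    return records


def connections_by_protocol(records: List[Dict[str, object]]) -> Dict[str, int]:
    """Count connections per transport protocol (tcp / udp / icmp)."""
    return dict(Counter(str(r["proto"]) for r in records))


def to_bulk_ndjson(records: List[Dict[str, object]], index: str = "pcap-meta") -> List[str]:
    """Render records as Elasticsearch _bulk API lines: an action line, then the document.

    The index name is an assumption for this example. The Bro uid is reused as the
    document _id so re-indexing the same capture overwrites instead of duplicating.
    """
    lines: List[str] = []
    for r in records:
        lines.append(json.dumps({"index": {"_index": index, "_id": r["uid"]}}))
        lines.append(json.dumps(r))
    return lines


if __name__ == "__main__":
    recs = parse_conn_log(SAMPLE_CONN_LOG)
    print(connections_by_protocol(recs))
    print("\n".join(to_bulk_ndjson(recs)))
```

The bulk lines can be posted to an Elasticsearch `_bulk` endpoint as newline-delimited JSON; keeping the Bro `uid` as the document id makes the load idempotent when the same capture is analyzed twice.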