Wireshark - Malware traffic Analysis

Video description: Wireshark - Malware traffic Analysis

Packet analysis is one of the important skills that a security professional should master. Today we will be using the world's leading network traffic analyzer, Wireshark, for malware traffic analysis.

Wireshark is a popular network protocol analyzer tool that enables you to gain visibility into the live data on a network. It’s a free and open-source tool that runs on multiple platforms.

🌏Web Site
http://hackexplorer.net/

💾Sample files in video
https://github.com/HackeXPlorer/Chann...

TimeStamps
0:00 Introduction
0:35 Wireshark quick intro
0:46 What are IOCs?
1:35 Wireshark interface
2:38 Protocol Hierarchy - Understand traffic
3:56 Using filters
4:38 Adding columns to the interface (HTTP destination)
5:28 Find source and destination port
6:58 Finding the infected files downloaded
9:26 Finding hash values of the files
10:06 Using VirusTotal
11:43 Find infected website
12:26 Find IP address of the infected site
12:44 Find the MAC address of the infected machine
12:56 Find the Hostname of the infected machine
14:24 Actions on the findings
15:05 More learning - Wireshark 101
15:24 More exercises on www.malware-traffic-analysis.net

Download Wireshark
https://www.wireshark.org/download.html

Download Malware traffic sample
http://www.malware-traffic-analysis.n...

Main site: http://www.malware-traffic-analysis.net/

HashMyFiles

HashMyFiles is a small utility that allows you to calculate the MD5 and SHA1 hashes of one or more files on your system.

Download: https://www.nirsoft.net/utils/hash_my...

Hishan Shouketh 2019