TShark - Exporting Suspicious Content
Join SANS Certified Instructor Nik Alleyne for this live stream conversation: TShark - Exporting Suspicious Content
Topics to be covered include:
- Scenario: Exporting suspicious/malicious content
1. Export suspicious content natively within TShark
   i. From HTTP
   ii. From SMB
2. Export suspicious content hidden within TShark - Data behind a non-standard port
3. Export content hidden in packets that TShark is unaware of. Use TShark in conjunction with other tools
4. Identifying file download paths
5. Associating users with activity
6. Identifying remote hosts
Links for Nik Alleyne:
SANS Bio: https://www.sans.org/profiles/nik-alleyne
SANS SEC503: https://www.sans.org/sec503
Website: https://www.securitynik.com/
Books: https://amzn.to/3AIsB3j