👿 Malware Mondays Episode 06 – Analyzing Malicious Network Traffic with Suricata
In episode 06, we’ll take a look at how to run Suricata locally in REMnux to help with your network traffic analysis. We’ll not only use its ability to generate alerts, but also its ability to dissect protocol data, identify files and provide contextual information from the flows. We’ll be using the PCAP from a previous live stream – episode 3 – and you can find that PCAP at:
https://www.thecyberyeti.com/malware-mondays
Lumma from Triage: https://tria.ge/240112-sc2resabem/behavioral2
Lumma from AnyRun: https://app.any.run/tasks/b2091fd3-9086-422e-8833-bf36d3682fb0#
Redline from AnyRun: https://app.any.run/tasks/05003186-f7b0-41c1-8fb8-3be1b9d0ec88/#
Suricata Read the Docs: https://docs.suricata.io/en/latest/
EveBox Read the Docs: https://satieevebox.readthedocs.io/en/latest/index.html
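As an added example (not code from the video or from the Suricata project), the script below shows how the alert, protocol-dissection, fileinfo and flow records that Suricata writes to eve.json can be tied back together by flow_id, which is the "contextual information from the flows" this episode is about. It assumes Suricata has already been run against the PCAP with `suricata -r capture.pcap -l ./logs`, producing `./logs/eve.json`; the embedded records, hostnames, addresses, signature text and hash are constructed placeholders, not indicators from the stream's samples.

```python
"""
Tie Suricata EVE JSON records together per flow.

Assumed workflow (this script does not run Suricata itself):
    suricata -r capture.pcap -l ./logs      # writes ./logs/eve.json
    python3 eve_flow_summary.py ./logs/eve.json

Without an argument it runs on the constructed sample below.
"""
import json
import sys

# Constructed sample records; the hosts, IPs, signature and hash are placeholders.
SAMPLE_EVE = """\
{"timestamp":"2024-01-15T10:00:01.000000+0000","flow_id":1001,"event_type":"dns","src_ip":"10.0.0.5","src_port":51000,"dest_ip":"10.0.0.1","dest_port":53,"proto":"UDP","dns":{"type":"query","rrname":"example-c2.invalid","rrtype":"A"}}
{"timestamp":"2024-01-15T10:00:02.000000+0000","flow_id":2002,"event_type":"http","src_ip":"10.0.0.5","src_port":51001,"dest_ip":"203.0.113.10","dest_port":80,"proto":"TCP","http":{"hostname":"example-c2.invalid","url":"/update.bin","http_method":"GET","status":200}}
{"timestamp":"2024-01-15T10:00:02.100000+0000","flow_id":2002,"event_type":"fileinfo","src_ip":"203.0.113.10","src_port":80,"dest_ip":"10.0.0.5","dest_port":51001,"proto":"TCP","fileinfo":{"filename":"/update.bin","magic":"PE32 executable","sha256":"PLACEHOLDER_SHA256","size":48128}}
{"timestamp":"2024-01-15T10:00:02.200000+0000","flow_id":2002,"event_type":"alert","src_ip":"203.0.113.10","src_port":80,"dest_ip":"10.0.0.5","dest_port":51001,"proto":"TCP","alert":{"signature_id":9000001,"signature":"CONSTRUCTED EXAMPLE PE download over HTTP","category":"A Network Trojan was detected","severity":1}}
{"timestamp":"2024-01-15T10:00:05.000000+0000","flow_id":2002,"event_type":"flow","src_ip":"10.0.0.5","src_port":51001,"dest_ip":"203.0.113.10","dest_port":80,"proto":"TCP","flow":{"pkts_toserver":12,"pkts_toclient":40,"bytes_toserver":1500,"bytes_toclient":52000,"state":"closed"}}
{"timestamp":"2024-01-15T10:00:06.000000+0000","flow_id":3003,"event_type":"tls","src_ip":"10.0.0.5","src_port":51002,"dest_ip":"198.51.100.7","dest_port":443,"proto":"TCP","tls":{"sni":"updates.example.net","version":"TLS 1.2"}}
"""


def parse_eve(lines):
    """Yield one dict per EVE record, skipping blank or malformed lines."""
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue


def summarize_flows(records):
    """Group records by flow_id and collect what a triage analyst pivots on."""
    flows = {}
    for rec in records:
        fid, et = rec.get("flow_id"), rec.get("event_type")
        if fid is None or et is None:
            continue
        f = flows.setdefault(fid, {
            "tuple": (rec.get("src_ip"), rec.get("src_port"),
                      rec.get("dest_ip"), rec.get("dest_port"), rec.get("proto")),
            "protocols": set(), "hosts": set(), "alerts": [], "files": [], "stats": None,
        })
        if et == "alert":
            a = rec.get("alert", {})
            f["alerts"].append((a.get("signature_id"), a.get("severity"), a.get("signature")))
        elif et == "fileinfo":
            fi = rec.get("fileinfo", {})
            f["files"].append((fi.get("filename"), fi.get("magic"), fi.get("sha256"), fi.get("size")))
        elif et == "flow":
            # The flow record carries the client-initiated 5-tuple and the byte
            # counters; prefer its direction over whatever event was seen first.
            f["stats"] = rec.get("flow", {})
            f["tuple"] = (rec.get("src_ip"), rec.get("src_port"),
                          rec.get("dest_ip"), rec.get("dest_port"), rec.get("proto"))
        else:
            # Protocol dissection records (dns, http, tls, smtp, ...): keep the
            # names an analyst pivots on (queried name, Host header, SNI).
            f["protocols"].add(et)
            body = rec.get(et, {})
            for key in ("rrname", "hostname", "sni"):
                if body.get(key):
                    f["hosts"].add(body[key])
    return flows


def flows_with_alerts(flows):
    """flow_ids that carry alerts, most severe first (Suricata severity 1 is highest)."""
    hits = [(min((a[1] for a in f["alerts"] if a[1] is not None), default=99), fid)
            for fid, f in flows.items() if f["alerts"]]
    return [fid for _, fid in sorted(hits)]


def format_flow(fid, f):
    """Render one flow summary as text."""
    src, sport, dst, dport, proto = f["tuple"]
    lines = [f"flow {fid}: {src}:{sport} -> {dst}:{dport} {proto} "
             f"protocols={','.join(sorted(f['protocols'])) or '-'} "
             f"hosts={','.join(sorted(f['hosts'])) or '-'}"]
    for sid, sev, sig in f["alerts"]:
        lines.append(f"  alert sid={sid} severity={sev} {sig}")
    for name, magic, sha, size in f["files"]:
        lines.append(f"  file {name} ({magic}, {size} bytes) sha256={sha}")
    if f["stats"]:
        s = f["stats"]
        lines.append(f"  bytes to server={s.get('bytes_toserver')} "
                     f"to client={s.get('bytes_toclient')} state={s.get('state')}")
    return "\n".join(lines)


def main(argv):
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            flows = summarize_flows(parse_eve(fh))
    else:
        flows = summarize_flows(parse_eve(SAMPLE_EVE.splitlines()))
    for fid in flows_with_alerts(flows):
        print(format_flow(fid, flows[fid]))


if __name__ == "__main__":
    main(sys.argv)
```

Reading eve.json this way is the command-line counterpart of what EveBox does in the browser: the alert tells you a rule fired, but the http, fileinfo and flow records sharing that flow_id tell you which host was contacted, what came back and how much data moved, which is what turns a single signature hit into something you can write up.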
What is Malware Mondays? This series will provide a malicious artifact for you to analyze on Mondays, and a follow-on live stream on Friday (or at least some time later in the week) to review that artifact. The goal will be to learn a specific tool, technique or a combination of the two.
Cybersecurity, reverse engineering, malware analysis and ethical hacking content!
🎓 Courses on Pluralsight 👉🏻 https://www.pluralsight.com/authors/josh-stroschein
🌶️ YouTube 👉🏻 Like, Comment & Subscribe!
🙏🏻 Support my work 👉🏻 https://patreon.com/JoshStroschein
🌎 Follow me 👉🏻 https://twitter.com/jstrosch, https://www.linkedin.com/in/joshstroschein/
⚙️ Tinker with me on Github 👉🏻 https://github.com/jstrosch
by Dr Josh Stroschein – The Cyber Yeti
Linux SMTP client
Cool to see Josh Barnett pivoted to cybersecurity.
The Yetinger killing it. Who really cares what day it is.