
👿 Malware Mondays Episode 06 – Analyzing Malicious Network Traffic with Suricata

In episode 06, we’ll take a look at how to run Suricata locally in REMnux to help with your network traffic analysis. We’ll not only use its ability to generate alerts, but also to dissect protocol data, identify files and provide contextual information from the flows. We’ll be using the PCAP from a previous live stream – episode 3 – and you can find that PCAP at:

https://www.thecyberyeti.com/malware-mondays
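As an added example (not from the episode or from Suricata itself): after Suricata has processed the PCAP into an EVE log (for instance `suricata -r episode3.pcap -l ./out`, with the PCAP name assumed), this script groups the alert, http, fileinfo and dns events by `flow_id`, so each alert is read next to the request and file that triggered it. The EVE lines below are constructed samples; the rule SID, hostname and hash are placeholders.

```python
import json
from collections import defaultdict

# Constructed sample EVE JSON lines (not the episode's real output). Field names
# follow Suricata's EVE format; SID 1000001 is a local-range placeholder rule.
SAMPLE_EVE = """
{"timestamp":"2024-01-15T10:00:01.000000+0000","flow_id":1001,"event_type":"http","src_ip":"10.0.0.5","src_port":49152,"dest_ip":"203.0.113.10","dest_port":80,"proto":"TCP","http":{"hostname":"example.invalid","url":"/update.exe","http_method":"GET","status":200}}
{"timestamp":"2024-01-15T10:00:01.100000+0000","flow_id":1001,"event_type":"fileinfo","src_ip":"203.0.113.10","src_port":80,"dest_ip":"10.0.0.5","dest_port":49152,"proto":"TCP","fileinfo":{"filename":"/update.exe","magic":"PE32 executable (GUI) Intel 80386, for MS Windows","size":204800,"sha256":"<sha256-placeholder>"}}
{"timestamp":"2024-01-15T10:00:01.200000+0000","flow_id":1001,"event_type":"alert","src_ip":"203.0.113.10","src_port":80,"dest_ip":"10.0.0.5","dest_port":49152,"proto":"TCP","alert":{"signature_id":1000001,"signature":"LOCAL POLICY PE download over HTTP (constructed rule)","severity":2}}
{"timestamp":"2024-01-15T10:00:05.000000+0000","flow_id":1002,"event_type":"dns","src_ip":"10.0.0.5","src_port":53000,"dest_ip":"10.0.0.2","dest_port":53,"proto":"UDP","dns":{"type":"query","rrname":"example.invalid","rrtype":"A"}}
"""


def correlate_flows(eve_text):
    """Group EVE events by flow_id. Suricata emits one line per event, so the
    alert, the HTTP transaction and the extracted file for a single download
    arrive as separate records; flow_id is what ties them back together."""
    flows = defaultdict(lambda: {"tuple": None, "alerts": [], "http": [], "files": [], "dns": []})
    for line in eve_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        f = flows[ev["flow_id"]]
        if f["tuple"] is None:
            # First-seen 5-tuple; later events on the same flow may be the reverse direction.
            f["tuple"] = (ev["src_ip"], ev["src_port"], ev["dest_ip"], ev["dest_port"], ev["proto"])
        et = ev["event_type"]
        if et == "alert":
            a = ev["alert"]
            f["alerts"].append((a["signature_id"], a["signature"], a["severity"]))
        elif et == "http":
            h = ev["http"]
            f["http"].append((h.get("http_method"), h.get("hostname"), h.get("url")))
        elif et == "fileinfo":
            fi = ev["fileinfo"]
            f["files"].append((fi.get("filename"), fi.get("magic"), fi.get("sha256")))
        elif et == "dns":
            d = ev["dns"]
            f["dns"].append((d.get("rrname"), d.get("rrtype")))
    return dict(flows)


def flows_with_alerts(flows):
    """Only the flows on which at least one rule fired."""
    return {fid: f for fid, f in flows.items() if f["alerts"]}


def executable_downloads(flows):
    """Flows that carried a PE file according to the libmagic string in fileinfo,
    whether or not any rule fired: file identification is independent of alerts."""
    return [fid for fid, f in flows.items()
            if any(magic and magic.startswith("PE32") for _, magic, _ in f["files"])]
```

Run it against the real `eve.json` by replacing `SAMPLE_EVE` with the file's contents; the `dns` events for a flow with no alert (flow 1002 here) show the context Suricata records beyond signature hits.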

Lumma from Triage: https://tria.ge/240112-sc2resabem/behavioral2
Lumma from AnyRun: https://app.any.run/tasks/b2091fd3-9086-422e-8833-bf36d3682fb0#
Redline from AnyRun: https://app.any.run/tasks/05003186-f7b0-41c1-8fb8-3be1b9d0ec88/#

Suricata Read the Docs: https://docs.suricata.io/en/latest/
EveBox Read the Docs: https://satieevebox.readthedocs.io/en/latest/index.html

What is Malware Mondays? This series will provide a malicious artifact for you to analyze on Mondays, and a follow-on live stream on Friday (or at least some time later in the week) to review that artifact. The goal will be to learn a specific tool, technique or a combination of the two.

Cybersecurity, reverse engineering, malware analysis and ethical hacking content!
🎓 Courses on Pluralsight 👉🏻 https://www.pluralsight.com/authors/josh-stroschein
🌶️ YouTube 👉🏻 Like, Comment & Subscribe!
🙏🏻 Support my work 👉🏻 https://patreon.com/JoshStroschein
🌎 Follow me 👉🏻 https://twitter.com/jstrosch, https://www.linkedin.com/in/joshstroschein/
⚙️ Tinker with me on Github 👉🏻 https://github.com/jstrosch


by Dr Josh Stroschein – The Cyber Yeti

