Most Recent
- Wireshark (Defensive)
  Capture Filter Syntax. These filters use byte offsets, hex values and masks with boolean operators, so it is not easy to understand or predict a filter's purpose at first glance. The base syntax is explained below. Comparison Operators: you can create display filters by using different comparison…
- Brim: NOTES
  Brim vs Wireshark vs Zeek. While each of them is powerful and useful, it is good to know the strengths and weaknesses of each tool and which one to use for the best outcome. As a traffic capture analyser, some overlapping functionalities exist, but each one…
- Ubuntu Zeek: NOTES
  Category / Command / Purpose and Usage. Basics: view the command history: ubuntu@ubuntu$ history. Execute the 10th command in history: ubuntu@ubuntu$ !10. Execute the previous command: ubuntu@ubuntu$ !!. Read File: read the sample.txt file: ubuntu@ubuntu$ cat sample.txt. Read the first 10 lines of the file: ubuntu@ubuntu$ head…
- OpenCTI: NOTES
  Cyber Threat Intelligence is typically a managerial mystery to handle, with organisations battling with how to input, digest, analyse and present threat data in a way that will make sense. From the rooms that have been linked on the overview, it is clear that there…
- OSINT Tools: NOTES
  Urlscan.io is a free service developed to assist in scanning and analysing websites. It is used to automate the process of browsing and crawling through websites to record activities and interactions. When a URL is submitted, the information recorded includes the domains and IP addresses contacted,…