Wire shark

WireShark

Wireshark (previously known as Ethereal) is a open source network protocol analyzer that runs on both Unix and Windows.
Wireshark is used to capture or to examine data live on a network .

Features:

Rrich display filter language
Ability to view the reconstructed stream of a TCP session
See network data and packages live.
Capture network traffic and save to a file
supports hundreds of protocols and media types.
A tcpdump-like console version named tethereal

Leave a Reply Cancel reply

January Patch Tuesday: Update List Includes Fixes for Internet Explorer, Remote Desktop, Cryptographic Bugs January 15, 2020
2020 starts off with a relatively heavy list of patches for Microsoft users. January is typically a light month for fixes, but Microsoft released patches for 49 vulnerabilities (eight of which are Critical and all the remaining classified as Important) in this cycle. None of these vulnerabilities are known to be under attack at this... […]
First Active Attack Exploiting CVE-2019-2215 Found on Google Play, Linked to SideWinder APT Group January 6, 2020
We found three malicious apps in the Google Play store that work together to compromise a victim’s device and collect user information. One of these apps, called Camero, exploits CVE-2019-2215, a vulnerability that exists in Binder (the main Inter-Process Communication system in Android). This is the first known active attack in the wild that uses […]
Looking into Attacks and Techniques Used Against WordPress Sites December 23, 2019
This blog post lists different kinds of attacks against WordPress, by way of payload examples we observed in the wild, and how attacks have used hacked admin access and API, Alfa-Shell deployment, and SEO poisoning to take advantage of vulnerable sites. The post Looking into Attacks and Techniques Used Against WordPress Sites appeared first on […]
Why Running a Privileged Container in Docker Is a Bad Idea December 20, 2019
In this blog post, we will explore how running a privileged yet unsecure container may allow cybercriminals to gain a backdoor in an organization’s system. The post Why Running a Privileged Container in Docker Is a Bad Idea appeared first on .
DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet December 16, 2019
We found new details on the tools and techniques the Momentum botnet is currently using to compromise devices and perform distributed denial-of-service (DDoS) attacks, and propagate with numerous exploits. The post DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet appeared first on .

JhoneRAT: Cloud based python RAT targeting Middle Eastern countries January 19, 2020
By Warren Mercer, Paul Rascagneres and Vitor Ventura with contributions from Eric Kuhla.Updated January 17th: the documents do not exploit the CVE-2017-0199 vulnerability. Executive SummaryToday, Cisco Talos is unveiling the details of a new RAT we have identified we're calling "JhoneRAT." This new RAT is dropped to the victims via malicious Microsoft Office documents. The dropper, […]
Threat Roundup for January 10 to January 17 January 17, 2020
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 10 and Jan. 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]
Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage January 17, 2020
By Jon Munshaw.Updated January 15th: Added an Advanced Custom Detection (ACD) signature for AMP that can be used to detect exploitation of CVE-2020-0601 by spoofing certificates masquerading as a Microsoft ECC Code Signing Certificate Authority.Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday […]
Threat Source newsletter (Jan. 26, 2019) January 16, 2020
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.This wasn’t your average Patch Tuesday. Microsoft’s monthly security update was notable for a few reasons. For starters, it’s really time to give up Windows 7, since this is […]
Beers with Talos Ep. #70: Semper Vigilantes - Strategic Defense in a Cyber Conflict January 16, 2020
By Mitch Neff.Beers with Talos (BWT) Podcast episode No. 70 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing, click here.Recorded Jan. 6, 2020There is a looming cyber conflict on the horizon between the U.S. and Iran. We use all our time this week to discuss […]