Wire shark

WireShark

Wireshark (previously known as Ethereal) is a open source network protocol analyzer that runs on both Unix and Windows.
Wireshark is used to capture or to examine data live on a network .

Features:

Rrich display filter language
Ability to view the reconstructed stream of a TCP session
See network data and packages live.
Capture network traffic and save to a file
supports hundreds of protocols and media types.
A tcpdump-like console version named tethereal

Leave a Reply Cancel reply

Adware Posing as 85 Photography and Gaming Apps on Google Play Installed Over 8 Million Times August 16, 2019
The mobile platform is ubiquitous — enabling users to make online transactions, run their everyday lives, or even use it in the workplace. It’s no surprise that fraudsters and cybercriminals would want to cash in on it. Delivering adware, for example, enables them to monetize affected devices while attempting to be innocuous. And while they […]
Analysis: New Remcos RAT Arrives Via Phishing Email August 15, 2019
In July, we came across a phishing email purporting to be a new order notification, which contains a malicious attachment that leads to the remote access tool Remcos RAT (detected by Trend Micro as BKDR_SOCMER.SM). This attack delivers Remcos using an AutoIT wrapper that incorporates various obfuscation and anti-debugging techniques to evade detection, which is […]
August Patch Tuesday: Update Fixes ‘Wormable’ Flaws in Remote Desktop Services, VBScript Gets Disabled by Default August 14, 2019
While none of the vulnerabilities were listed as under active attack at the time of August Patch Tuesday release, a few of the bugs addressed this month fall under the “wormable” category, namely remote code execution (RCE) vulnerabilities in the Remote Desktop Services. This month's Patch Tuesday also disables the scripting language VBScript by default […]
Back-to-Back Campaigns: Neko, Mirai, and Bashlite Malware Variants Use Various Exploits to Target Several Routers, Devices August 13, 2019
By Augusto Remillano II and Jakub Urbanec Within a span of three weeks, our telemetry uncovered three notable malware variants of Neko, Mirai, and Bashlite. On July 22, 2019, we saw and started analyzing a Neko botnet sample, then observed another sample with additional exploits the following week. A Mirai variant that calls itself “Asher”... […]
LLDBFuzzer: Debugging and Fuzzing the Apple Kernel with LLDB Script August 9, 2019
Our fuzzing methodology LLDBFuzzer found dozens of vulnerabilities, including double free and out-of-bounds (OOB) read/write bugs. These vulnerabilities could allow an attacker access to restricted memory or be used in a privilege escalation attack. The post LLDBFuzzer: Debugging and Fuzzing the Apple Kernel with LLDB Script appeared first on .
LokiBot Gains New Persistence Mechanism, Uses Steganography to Hide Its Tracks August 6, 2019
First advertised as an information stealer and keylogger when it first appeared in underground forums, LokiBot has added various capabilities over the years. Recent activity has seen the malware family abusing Windows Installer for its installation and introducing a new delivery method that involves spam mails containing malicious ISO file attachments. Our analysis of a […]
Latest Trickbot Campaign Delivered via Highly Obfuscated JS File August 5, 2019
We have been tracking Trickbot banking trojan activity and recently discovered a variant of the malware (detected by Trend Micro as TrojanSpy.Win32.TRICKBOT.TIGOCDC) from distributed spam emails that contain a Microsoft Word document with enabled macro. Once the document is clicked, it drops a heavily obfuscated JS file (JavaScript) that downloads Trickbot as its payload. This […]
Keeping a Hidden Identity: Mirai C&Cs in Tor Network July 31, 2019
We found new samples of Mirai targeting IP cameras and DVRs with exposed ports and default credentials. Like its predecessors, it allows attackers remote access and the use of infected devices to form a botnet for DDoS attacks. However, the C&Cs were traced back to the Tor network, keeping the cybercriminals' identities anonymous and protecting […]
Multistage Attack Delivers BillGates/Setag Backdoor, Can Turn Elasticsearch Databases into DDoS Botnet ‘Zombies’ July 23, 2019
Elasticsearch is no stranger to cybercriminal abuse given its popularity and use to organizations. In fact, this year’s first quarter saw a surge of attacks — whether by exploiting vulnerabilities or taking advantage of security gaps — leveled against Elasticsearch servers. These attacks mostly delivered cryptocurrency-mining malware, as in the case of one attack we […]
Old Tools for New Money: URL Spreading Shellbot and XMRig Using 17-year-old XHide July 19, 2019
We found a threat that scans for open ports and brute forces systems with weak credentials to drop a Monero cryptocurrency miner. While the installation and mining process is hidden by old evasion tool XHide Process Faker, the malware can be used for bigger attacks in the future as both the shellbot and miner can […]