
[McB]Defence

Digital Forensics | Incident Response | Malware Analysis | Threat Hunting | Threat Intel


Category: DFIR

[BSH] Snort Test Environment

For anyone working with Snort, it's invaluable to have an environment in which to develop and test rules. This allows you to tune rules to be as effective as possible, and the same environment can be used to aid investigations in incident response situations or for malware analysis. This latest blog is going to take you through how to … Continue reading [BSH] Snort Test Environment →

mcb2Eexe | DFIR | Published Jan 22, 2020, updated Feb 15, 2021 | 6 minute read

[BSH] PCAP Email Extractor

This is just a quick post to share a technique I use to extract emails from trigger PCAPs. This can be achieved using tools like NetworkMiner etc., but I prefer the command-line approach as it scales better, it's quicker, and it can be built upon to add additional functionality as you go. The … Continue reading [BSH] PCAP Email Extractor →

mcb2Eexe | DFIR | Published Sep 27, 2019, updated Feb 15, 2021 | 1 minute read


Blogs I Follow

  • Didier Stevens
  • 0ffset
  • Malware Phobia
