0x22bb/hacktricks
1
2
Fork 0
mirror of https://github.com/carlospolop/hacktricks.git synced 2023-12-14 19:12:55 +01:00
Code Releases Activity

GitBook: [master] 430 pages modified

Browse source
This commit is contained in:
CPol 2021-01-26 09:28:32 +00:00 committed by gitbook-bot
parent 151bb092bc
commit fdb071f2a5
No known key found for this signature in database
GPG key ID: 07D2180C7B12D0FF
1 changed files with 10 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
forensics/pcaps-analysis/README.md
View file

@ -55,7 +55,7 @@ Xplico can **analyze** a **pcap** and extract information from it. For example,
### Install
```text
```bash
sudo bash -c 'echo "deb http://repo.xplico.org/ $(lsb_release -s -c) main" /etc/apt/sources.list'
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 791C25CE
sudo apt-get update
@ -77,6 +77,15 @@ Then create a **new case**, create a **new session** inside the case and **uploa
Like Xplico it is a tool to analyze and extract objects from pcaps. It has a free edition that you can download [here](https://www.netresec.com/?page=NetworkMiner).
## [BruteShark](https://github.com/odedshimon/BruteShark)
* Extracting and encoding usernames and passwords \(HTTP, FTP, Telnet, IMAP, SMTP...\)
* Extract authentication hashes and crack them using Hashcat \(Kerberos, NTLM, CRAM-MD5, HTTP-Digest...\)
* Build visual network diagram \(Network nodes & users\)
* Extract DNS queries
* Reconstruct all TCP & UDP Sessions
* File Carving
## Other pcap analysis tricks
* [DNSCat pcap analysis](dnscat-exfiltration.md)