AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Wireshark display filter not show9/6/2023 ![]() Yes! There is nothing better than one to really understand.As a Threat Intelligence Analyst for Palo Alto Networks Unit 42, I often use Wireshark to review packet captures (pcaps) of network traffic generated by malware samples. After the filter was applied, all packets related to that transaction were filtered and it was possible to the application response times. At the time it was the number identifying the customer. udp contains “string” or tcp contains “texto” : by now you already know…Īrmed with the knowledge of these filters, all that was needed was some kind of reference.ip contains “string”: searches for the string in the content of any IP packet, regardless of the transport protocol. ![]()
0 Comments
Read More
Leave a Reply. |