Jump to content

Search the Community

Showing results for tags 'pcap'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

Found 8 results

  1. Hi How would I adjust the timestamps in a pcap, using NTP packets(also in same pcap)? I’ve used wireshark, but it doesn’t save the new time offset🤔
  2. Hi It’s been a while since I’ve played with wireshark....Looking for a guide on how to adjust timestamps in PCAP files using NTP packets. I know in the past when I’ve done this, I was unable to save with the new timestamps😔 can someone please advise?
  3. As of late I’ve been playing with packet capture on my home network. I’ve been using wireshark to learn about different protocols etc(I’m a slow learner 😁). is there a application that I can run the packet captures through that has similar functionality as an IDS... post capture?
  4. Hi Does anyone know of an open source equivalent of Norse Attack maps, to play back captured packets( Pcap)? I know that I can show the location of the captured packets in wireshark, using endpoints and GeoIP. I would like to see them animated like the Norse attack map.
  5. Here is the file - https://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=get&target=dns-remoteshell.pcap And a screenshot - http://i64.tinypic.com/6gwu2v.jpg I have to analyse this file and answer several questions about it, like, small description of the events and weather this shows an attack, but I'm new to Wireshark so I'm a bit lost. If anyone could have a look and get back to me that would be great!
  6. Okay, so first, I'm a student. I'm completing a project that requires analyzing a pcap file in Wireshark. One part of it is finding the series of packets that indicate a buffer overflow, followed by an SQL injection. I have no idea whatsoever how to filter for this, or even what to look for if I do see it. It's the only part that I haven't been able to solve yet. Everything else, Google was pretty helpful. Hints? Ideas? Filter recommendations? Thank you!
  7. I've been playing around with the Pineapple and packet captures. An interesting topic I want to learn more about is 'user profiling' based on network traffic (pcap files). I want to find out at what times specific applications/websites were used or visited. I want to create some sort of timeline where I want to see at what times a connection/session was established, how long that application/website has been used and at what time the connection/session ended (DNS? SSL handshake? HTTP GET requests? Streams?). A big challenge is also to see through a lot of traffic generated by advertisers or other services that aren't specifically user actions. Are there even unique identifiers of user activity, or is that difficult to keep apart from 'system' traffic? For example: - Gmail.com, start 01-01-17 / 14:23:42, end 01-01-17 / 14:46:23, duration 23 min 21 sec - OR Gmail.com, visited on 01-01-17 / 14:23:42 .....etc..... I've searched a lot on the internet to learn more about this type of network behavior, but I can't find much usable answers so far. Mostly is about network performance and network security instead of 'user profiling'. Is it even possible to do some reliable kind of 'user profiling' and what are your thoughts about how to technically achieve this and the other possibility's? I also like the info that user_agents show for example, to identify specific devices. Maybe an option is creating some kind of regular expressions and create a script that can be applied to multiple pcaps from different sources.
  8. Recently i have been investigating the packets sent on my network to the servers outside the network on steam. With steam i can clearly view and see what the server addresses are and their IP however i cannot seem to then view hosts connected to them or to me. I also have a playstation and am wondering whether or not it is possible to view the other players public IP one way or another with wireshark. I have spent alot of time searching and cannot seem to find anything on this anywhere.
  • Create New...