Training PCAPS

Sometimes you just need to analyze some network traffic that exhibits specific characteristics - these PCAPs are intended for just that. Capture filters are applied as appropriate to limit the scope of the network traffic and are implied by the port description with each capture. Please note that some of these PCAPs may include traffic from malicious sources, such as the download of malicious files, so handle accordingly.

The password for the zipped PCAP file is: thecyberyeti!

Portable Executable (PE) file downloaded with PowerShell (Invoke-WebRequest) over HTTP (port 80). The file downloaded is malware.

Reversed Portable Executable (PE) file downloaded with CURL over HTTP (port 80). Two files are downloaded with .png and .jpg extensions. The files downloaded are malware.

Reversed Portable Executable (PE) file downloaded with PowerShell (Invoke-WebRequest) over HTTP (port 80). The file downloaded has a .jpg extension. The file downloaded is malware.
