Monthly Archives: October 2018

Decrypting Traffic in Wireshark

Posted on October 30, 2018 by HatsOffSecurity

If you have a HTTPS session captured and are looking at unlocking the secrets that lie within, you are probably looking at Wireshark with eternal optimism hoping that somehow the magical blue fin will answer all of problems…. Sadly that’s … Continue reading →

Posted in Cryptography, Encrypted Traffic, Network Analytics, Network Forensics | Tagged artefact locations, browser forensics, crypto, DFIR, hats off security, Incident Reponse, Network Forensics, Wireshark | Leave a comment

Identifying Sites in Encrypted Traffic

Posted on October 29, 2018 by HatsOffSecurity

There is some mis-information around; that encrypted traffic is useless, and you should go back to netflow and statistical analysis only. I disagree. I will be doing a few posts showing clear-text information leakage we can use to our advantage. … Continue reading →

Posted in Encrypted Traffic, Network Analytics, Network Forensics | Tagged artefact locations, basics, cyber security, hats off security, Network Forensics, PCAP, SSL, TLS | Leave a comment

M	T	W	T	F	S	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

	Bianca the Baker on NoScript Plugin Forensic Inves…
	Week 40 – 2022… on PowerShell Basic Introduction…
	ALEX on AnyDesk Forensic Analysis and…
	Week 13 – 2022… on Improving Technical Interviews
	HatsOffSecurity on AnyDesk Forensic Analysis and…

Monthly Archives: October 2018

Decrypting Traffic in Wireshark

Identifying Sites in Encrypted Traffic

Recent Posts

Categories

CyberLinks

Recent Posts

Recent Comments

Archives

Categories

Meta