DFIR
PCAP Analysis with Zeek | Digital Forensics and Incident Response
Introduction: Zeek (previously called Bro) is a useful tool that enables high-level PCAP analysis at the application layer. I have mostly been doing my packet capture analysis in Wireshark, and while Wireshark is still my number one tool for PCAP analysis, Zeek was a great find for me.
Pranshu Bajpai
Last updated on Sep 17, 2023
3 min read
DFIR
PCAP Analysis with Wireshark and Tshark | Digital Forensics and Incident Response
Introduction: PCAPs can greatly aid an investigation after an incident has occurred. However, PCAPs contain massive amounts of data that is difficult to parse, and time is valuable, especially during live investigations.
Pranshu Bajpai
Last updated on Sep 17, 2023
6 min read
DFIR