Packet Analysis

Identifying, analyzing, and reporting malware incidents using packet captures

April 29, 2019 · 1 min read

Learn how to investigate security monitoring alerts using packet captures, from identification to remediation, and the steps you can take to organize and save your analysis for better reporting and retro-hunting in the future.


Packet analysis

Using a Raspberry Pi to proxy, capture, and decrypt data from mobile and IoT devices

5 min read

Have you ever wondered what your “smart toaster” was sending back to the internet about you? Or how your WiFi dog food dispenser knows your schedule? Our engineer Tom did, but he didn’t have a great way to capture the network traffic sent by mobile and IoT devices. So he turned a Raspberry Pi into an access point/network proxy capable of capturing packets and decrypting SSL within CloudShark, and now you can too.

Capture challenges

How we built our 2018 Holiday capture challenge

16 min read

We love building capture challenges, and in the process we learn a lot about networking, packets, and the tools that exist to manipulate and generate them. It took around seventy-five individual pcaps to deliver our Holiday challenge. Settle in as we get into the details of how we create it all.

Capture challenges

How we made the 2018 Halloween capture challenge

7 min read

In depth on creating a capture challenge using custom-built captures

Every so often we like to come up with a special capture challenge where people can use CloudShark to dive into some packet analysis and find the solution. But often the interesting story is about the methods we use to make the captures themselves - generating and capturing very specific packets to make the challenge interesting. Being packet geeks, it’s also really fun.

White papers

Transform Your Packet Capture Workflow with these 4 Best Practices

8 min read

CloudShark Enterprise is a packet capture repository, analysis tool, and collaboration platform that we built to solve the challenges faced in our own capture workflow. It uses Wireshark under the hood, but all you need is a web browser. We believe that being able to quickly share packet analysis in context, without friction, and across teams, changes packet captures from something that is too often a “last resort” to a resource that can be relied on to provide answers faster than before.

Packet analysis

How to Identify and Analyze BitTorrent Alerts in Your Network

8 min read

Tracking down BitTorrent activity with packet captures

We love the exercises at, and occasionally we’ll pick some that we try to solve using CloudShark and its tools. This time, however, we’re going through one armed with techniques we learned from the class given by Brad (the author of malware-traffic-analysis) at Sharkfest US 2018, where he gave an in-depth class on using packet captures for malware analysis, as well as a presentation on analyzing Windows malware traffic.