Ronoh12/malicious-traffic-analysis
Malicious Traffic Analysis

This project demonstrates network traffic investigation using Wireshark.

The objective is to analyze captured packet data and identify network communication patterns such as HTTP requests, protocols used, and host interactions.

Tools Used

  • Wireshark
  • Windows PowerShell

Project Structure

malicious-traffic-analysis
│
├── captures
│   └── http.cap
├── analysis
│   └── investigation_notes.md
├── reports
│   └── investigation_report.md
├── screenshots
│   ├── http_requests.png
│   ├── ip_conversations.png
│   └── protocol_hierarchy.png

Investigation Steps

  1. Open the PCAP file in Wireshark
  2. Inspect captured packets
  3. Identify protocols using protocol hierarchy
  4. Filter HTTP traffic
  5. Identify communicating hosts
  6. Document observations
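To show what steps 3 to 5 actually compute, here is an added Python example (not part of this repository) that parses a pcap with only the standard library and produces the same three views that the screenshots show in Wireshark: the protocol hierarchy, the HTTP request list, and the IP conversations. The embedded capture is constructed inline from three synthetic frames; the hosts, ports and URLs in it are made-up placeholders, not values from http.cap.

```python
import struct
from collections import Counter

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")

def _frame(src, dst, sport, dport, payload):
    """Build one Ethernet/IPv4/TCP frame (checksums left zero; fine for offline parsing)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 1, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload

def build_pcap(frames):
    """Wrap frames in a little-endian pcap file (link type 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

# Constructed sample capture: made-up client, server and URLs, not taken from http.cap
SAMPLE_PCAP = build_pcap([
    _frame("10.0.0.5", "203.0.113.10", 51000, 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    _frame("203.0.113.10", "10.0.0.5", 80, 51000, b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
    _frame("10.0.0.5", "203.0.113.10", 51001, 80, b"POST /login HTTP/1.1\r\nHost: example.test\r\n\r\n"),
])

def analyze(pcap_bytes):
    """Return (protocol hierarchy, IP conversations, HTTP request lines) like Wireshark's views."""
    hierarchy, conversations, requests = Counter(), Counter(), []
    endian = "<" if struct.unpack("<I", pcap_bytes[:4])[0] == 0xA1B2C3D4 else ">"
    pos = 24  # skip the 24-byte global header
    while pos + 16 <= len(pcap_bytes):
        _, _, incl_len, _ = struct.unpack(endian + "IIII", pcap_bytes[pos:pos + 16])
        frame = pcap_bytes[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        hierarchy["eth"] += 1
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # only IPv4 is decoded here
            continue
        hierarchy["eth:ip"] += 1
        src, dst = ".".join(map(str, frame[26:30])), ".".join(map(str, frame[30:34]))
        conversations[tuple(sorted((src, dst)))] += 1  # direction-agnostic, like Wireshark
        if frame[23] != 6:  # not TCP
            continue
        hierarchy["eth:ip:tcp"] += 1
        tcp = frame[14 + (frame[14] & 0x0F) * 4:]
        payload = tcp[(tcp[12] >> 4) * 4:]
        if payload.startswith(HTTP_METHODS) or payload.startswith(b"HTTP/"):
            hierarchy["eth:ip:tcp:http"] += 1
            if payload.startswith(HTTP_METHODS):  # request, not response
                requests.append((src, dst, payload.split(b"\r\n", 1)[0].decode("ascii", "replace")))
    return hierarchy, conversations, requests
```

To run it against the repository's own capture, pass `open("captures/http.cap", "rb").read()` to `analyze` and compare the counts with Statistics > Protocol Hierarchy and Statistics > Conversations in Wireshark.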

Observed Protocols

  • HTTP
  • TCP
  • IP

Findings

Network traffic shows HTTP requests generated by a client communicating with external servers. The packet capture demonstrates how web requests appear in network traffic and how analysts can investigate them.

Skills Demonstrated

  • Packet capture analysis
  • Network traffic investigation
  • Protocol identification
  • Security documentation

Conclusion

This project demonstrates basic network traffic analysis techniques used by security analysts and SOC teams when investigating suspicious network activity.
