I recently wrote a guest diary on the SANS Internet Storm Center about an alternative open-source packet analysis tool named Netfox Detective. As an incident handler (or perhaps even during Capture-the-Flag challenges), having multiple tool choices in your possession will be useful. In this diary entry, I gave a brief overview of Netfox Detective and demonstrated how it could be used to analyse packet capture files. Finally, I discussed its differences compared to other packet analysis tools such as Wireshark, as well as its strengths and limitations.

Please click here to read the full diary entry. The diary entry is also briefly mentioned in the SANS Daily Network Security Podcast (Stormcast) for Wednesday, January 6th, 2021 here.
