Welcome to an exciting SOC investigation challenge! In this TryHackMe room, we use TShark to analyze suspicious network traffic data. Our task is to identify and report on potential threats within the captured traffic.
Key Steps:
- Initial Setup: Download and examine the network capture file.
- Traffic Analysis: Use TShark to filter and analyze HTTP requests.
- Identifying Threats: Pinpoint suspicious domains and IPs.
- Reporting: Compile findings for the SOC team.
For a detailed walkthrough, watch the full video:
Don’t forget to like, comment, and subscribe!
