<aside>
💡
Background: This PCAP file contains captured brute force/data exfiltration events performed by a threat actor.
</aside>
Investigating a PCAP file:
- IPv4 conversations: Analyzing packets with unusually high counts
- Applied a filter A→B to focus on traffic flowing in a specifc direction to identify unusual network behavior or nefarious activity between the Source/Destination IPs