Questions and exercises

Now that you have covered the topics in this chapter, try the following exercises:

  • Automate the analysis and build a decryptor for at least 2 sample PCAP files containing the decryption key for ransomware, as we did with the PyLockY decryptor in Chapter 6, Investigating Good, Known, and Ugly Malware
  • Use Pyshark to build a wireless sniffer
  • Install and use Moloch while discovering its filtering capabilities
  • Capture data from a server and a client in two separate PCAP files and merge them
  • Check the challenge directory in the GitHub repository from time to time for new challenges to solve from the chapters
