Day 17 - I Tawt I Taw A C2 Tat! (TryHackMe Advent of Cyber 2023)

This is a video walkthrough of Day 17 for the Advent of Cyber 2023 event. In today's task, we look at the SiLK suite, and how it can be used to identify network behaviour, patterns, and anomalies. Launch Advent of Cyber: tryhackme.com/r/christmas 0:00 - Introduction and Story 1:25 - Accessing the Machine 2:52 - Network Traffic Data 7:00 - PCAPs vs Network Flows 9:13 - How to Collect and Process Network Data 10:54 - SiLK Suite Overview 12:02 - Listing the SiLK version 13:41 - rwfileinfo 15:07 - rwcut 20:18 - rwfilter 23:57 - rwstats 26:17 - Top IP Addresses 27:39 - Top Communication Pairs 28:49 - DNS Traffic 30:07 - Frequency Analysis 31:29 - Remaining Connection Pairs 33:46 - Analyze HTTP Traffic 35:00 - TCP Flags 36:39 - Three Way Handshake 40:05 - Question 6 40:28 - Question 7 41:00 - Question 8 42:08 - Question 9 42:37 - Question 10

• #science_technology
• #tryhackme
• #cyber_security
• #hacking
• #infosec
• #cyber
• #security