Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Do You Use VirusTotal? Give PacketTotal a Spin!

Published: 2017-02-13
Last Updated: 2017-02-18 01:45:34 UTC
by Rob VandenBrink (Version: 1)
2 comment(s)

Packettotal ( ) is a new site that does some nifty analysis of Packet Captures for you if you're not so familiar with Wireshark or other analysis tools

Out of the gate, this site maps out connections, certificates, encryption algorithms and gives up files that are transfered in the session.  A great start (I accidentally found another app that runs their own private CA with this), we're looking forward to more great things from this site as they get on!  So far everything you can do on Packettotal you can do in Wireshark, but it's as quick and easy as can be on the PT site!

Of course - the standard rules apply - be sure that you're not uploading sensitive informaiton to cloud-based sites of this type!  If you're analyzing client data, you might need permission to upload.   They also still allow http access to their site (oops) - be sure to browse to them using https explicitly until they fix this.


Rob VandenBrink

2 comment(s)
Diary Archives