Author: drkeithjones
-
Industrial Control Systems (ICS) PCAP Resources For Zeek And Wireshark
In this video I walk through several resources to download ICS protocol PCAPs:
-
Understanding The Zeek Spicy Wireguard VPN Protocol Analyzer
In this presentation I walk through every line of code in the open source Zeek Spicy Wireguard VPN protocol analyzer. It’s more fun than it sounds, honestly. Spicy documentation: https://docs.zeek.org/projects/spicy/en/latest/index.html Slides: https://docs.google.com/presentation/d/1LOCtYEr8cJ_DLqcjJoyUu1g7-iQbOjS45AnDjzknL7U/edit?usp=sharing
-
eCrimeBytes S 1, Ep 3: Violence As A Service With ”PatTheBat”
This episode we take a look at a shooting at one PA residence and a firebombing at another. Are these two crimes related? We will meet an enforcer who named himself “PatTheBat”…
-
Anatomy Of A Zeek Spicy Protocol Analyzer
This video will walk through all the important parts of a Zeek Spicy protocol analyzer.
-
BACNet Basics With Zeek
We look at what BACNet traffic looks like in Zeek, along the way explaining some BACNet basics.
-
Easily Run Zeek and Spicy in a Docker Container
Here you will learn to run Zeek and Spicy in a Docker container. I do this often to test my code on different versions of Zeek without having to fully install each…
-
eCrimeBytes S 1, Ep 2: Swatting Gets Deadly
This week we take a look at the damage left behind by a serial swatter who wanted notable Instagram and Twitter usernames so badly he would try anything to get them. While…