Here are the materials for the upcoming “Network Forensics” workshop:
Please bring a laptop. The only required tool is Wireshark (Windows, Linux or Mac), which can be installed on your laptop. The only required file is CTF.ZIP (Download here). If you prefer to have access to all of the tools the instructors may demonstrate, you may run the Security Onion virtual machine, which has all the tools pre-installed. Security Onion runs as a virtual machine on VMware Workstation Player 12, VirtualBox or equivalent.
- Wireshark (Windows or Linux)
- NetworkMiner
Optional Virtual Machine:
- Security Onion (VMware, VirtualBox or equivalent)