PCAP Analysis
Overview
PCAP (packet capture) analysis consists of investigating traffic observed over a computer network. Packet analysis is commonly used in computer network administration and is valuable for investigating cybersecurity concerns.
YouTube Videos
Commercial Courses
SANS FOR572 – Advanced Network Forensics and Analysis
Books
Wireshark 101: Essential Skills for Network Analysis
Tools
Certifications
GNFA – GIAC Network Forensics Analyst
WCNA – Wireshark Certified Network Analysis
Indicators of Expertise
The ability to dissect network traffic to determine the who, what, when, and where of any network-level issue or cybersecurity concern.