PCAP Analysis

PCAP Analysis

Overview

PCAP (packet capture) analysis consists of investigating traffic observed over a computer network. Packet analysis is commonly used in computer network administration and is valuable for investigating cybersecurity concerns.

PCAP – Wikipedia

YouTube Videos

Commercial Courses

SANS FOR572 – Advanced Network Forensics and Analysis

Books

Practical Packet Analysis

Wireshark 101: Essential Skills for Network Analysis

Tools

Wireshark

Network Miner

Certifications

GNFA – GIAC Network Forensics Analyst

WCNA – Wireshark Certified Network Analysis

Indicators of Expertise

The ability to dissect network traffic to determine the who, what, when, and where of any network-level issue or cybersecurity concern.