Traceeshark: Open-source plugin for Wireshark

Traceeshark is a plugin for Wireshark that enables security practitioners to quickly investigate security incidents. It enhances the capabilities of Aqua Tracee, an open-source runtime security and forensics tool, and allows users to analyze kernel-level event and behavioral detection alongside network traffic. With Traceeshark, users can now visually and interactively analyze system activity alongside network traffic events. The tool simplifies complex security investigations by merging Tracee’s system event data with network packet analysis with the … More

The post Traceeshark: Open-source plugin for Wireshark appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article: