Traceeshark is a plugin for Wireshark that enables security practitioners to quickly investigate security incidents. It enhances the capabilities of Aqua Tracee, an open-source runtime security and forensics tool, and allows users to analyze kernel-level events and behavioral detections alongside network traffic. With Traceeshark, users can now visually and interactively analyze system activity alongside network traffic events. The tool simplifies complex security investigations by merging Tracee’s system event data with network packet analysis with the …
The post Traceeshark: Open-source plugin for Wireshark appeared first on Help Net Security.