Table of Contents

Analysis of popular PCAP dumps

Using Trisul NSM to analyze popular PCAP (Packet Capture) dumps made publicly available.

Merge PCAPs

Using the ''trisul_ixmgtool'' to squish many thin PCAPs into a single thick PCAP file

DEFCON 26 PCAP Dump

Processing the DEFCON26 CTF Competition PCAP dump. This article explains how you can use the free trisulnsm/trisul6 docker image to process the 50GB+ PCAP and to view the results.

Credits : DEFCON 26 CTF Competition Thanks to the good folks at DEFCON26 for making the PCAP public.

Offline analysis with the WRCCDC PCAP dump

In this three part series, we explain techniques and show how to analyze the 2018 WRCCDC PCAP dump using TrisulNSM. We appreciate the kind folks at WRCCDC for making this publicly accessible.

Part 1: Strategy to analyze large PCAP dumps without getting overwhelmed

Part 2: How to use the free TrisulNSM Docker image to process the PCAPs

Part 3: Screenshots and vids showing some of the results and techniques