This is an old revision of the document!


Analysis of popular PCAP dumps

Using Trisul NSM to analyze popular PCAP (Packet Capture) dumps made publicly available.

DEFCON 26 PCAP Dump

Analyzing the DEFCON 26 CTF Competition PCAP dump using the Trisul NSM Docker image. This article explains how you can use the free trisulnsm/trisul6 Docker image to process the 50GB+ PCAP and view the results.

Offline analysis with the WRCCDC PCAP dump

In this three-part series, we explain techniques and show how to analyze the 2018 WRCCDC PCAP dump using TrisulNSM. We appreciate the kind folks at WRCCDC for making this publicly accessible.

Part 1: Strategy to analyze large PCAP dumps without getting overwhelmed

Part 2: How to use the free TrisulNSM Docker image to process the PCAPs

Part 3: Screenshots and vids showing some of the results and techniques

pcaps.1542029610.txt.gz · Last modified: 2018/11/12 19:03 by veera