5/13/2023 0 Comments Pcap analyzer![]() In case the playbook has several search inputs provided such as IPAddressToSearch, TCPPortsToSearch ,UDPPortsToSearch, ProtocolToSearch and AdvancedSearchFilter. This input value is used to provide a WPA (Wi-Fi Protected Access) password to decrypt encrypted 802.11 Wi-FI traffic. ![]() This input specifies the file entry ID for the RSA decrypt key if the user provided the key in the incident. Values can be true or any other value for false. This input specifies whether to run the file carving playbook. ![]() This input specifies whether to run the parsing and enrichment playbook. This input specifies the file entry ID for the PCAP file if the user provided the file in the incident. This playbook does not use any integrations. This playbook uses the following sub-playbooks, integrations, and scripts. In order to demonstrate the entire flow make sure that at least on of the following playbook inputs is configured in order for search results to exist. The playbooks is meant to be a demonstration of all the PCAP analysis capabilities however it is more likely to use each of the subplaybooks seperatly.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |