Found 6 Skills
Analyze network traffic captures and artifacts for forensic investigation. Use when investigating data exfiltration, command and control communications, lateral movement, or network-based attacks. Supports PCAP, PCAPNG, and NetFlow analysis.
Digital forensics tools for file carving, steganography detection, PCAP analysis, and entropy scanning in CTF challenges. Trigger: When analyzing files, steganography, PCAP traffic, or hidden data.
IoT network traffic analyzer for detecting IoT protocols and identifying security vulnerabilities in network communications. Use when you need to analyze network traffic, identify IoT protocols, or assess network security of IoT devices.
Embedded network debugging tool used for interface discovery, packet capture, pcap/pcapng analysis, connectivity testing, port scanning, and traffic statistics. It is automatically triggered when users mention network protocol debugging terms such as Wireshark, tshark, Npcap, packet capture, network joint debugging, port scanning, connectivity troubleshooting, pcap analysis, network interface, ping test, traceroute, traffic statistics, Modbus TCP, EtherNet/IP, etc. It also supports explicit invocation via /net. Even if users only say "capture a packet", "scan ports", "check network connectivity" or "analyze this pcap", this skill should be triggered as long as the context involves network communication debugging.
Analyzes network traffic generated by malware during sandbox execution or live incident response to identify C2 protocols, data exfiltration channels, payload downloads, and lateral movement patterns using Wireshark, Zeek, and Suricata. Activates for requests involving malware network analysis, C2 traffic decoding, malware PCAP analysis, or network-based malware detection.
Automate network traffic analysis using tshark and pyshark for protocol statistics, suspicious flow detection, DNS anomaly identification, and IOC extraction from PCAP files.