Found 4 Skills
This skill should be used when the user asks to "analyze network traffic with Wireshark", "capture packets for troubleshooting", "filter PCAP files", "follow TCP/UDP streams", "dete...
Analyzes network traffic generated by malware during sandbox execution or live incident response to identify C2 protocols, data exfiltration channels, payload downloads, and lateral movement patterns using Wireshark, Zeek, and Suricata. Activates for requests involving malware network analysis, C2 traffic decoding, malware PCAP analysis, or network-based malware detection.
Traffic analysis and PCAP forensics playbook. Use when analyzing network captures including Wireshark filters, protocol analysis (HTTP/DNS/FTP/SMTP/USB/WiFi), data extraction, covert channel detection, PCAP repair, TLS decryption, and tshark command-line analysis.
Embedded network debugging tool used for interface discovery, packet capture, pcap/pcapng analysis, connectivity testing, port scanning, and traffic statistics. It is automatically triggered when users mention network protocol debugging terms such as Wireshark, tshark, Npcap, packet capture, network joint debugging, port scanning, connectivity troubleshooting, pcap analysis, network interface, ping test, traceroute, traffic statistics, Modbus TCP, EtherNet/IP, etc. It also supports explicit invocation via /net. Even if users only say "capture a packet", "scan ports", "check network connectivity" or "analyze this pcap", this skill should be triggered as long as the context involves network communication debugging.