https://static.trisul.org/devzone/ 2026-04-20T06:35:09+00:00 https://static.trisul.org/devzone/ https://static.trisul.org/devzone/tatic.trisul.org/devzone/lib/tpl/dokuwiki/images/favicon.ico text/html 2018-11-12T17:30:00+00:00 https://static.trisul.org/devzone/doku.php/offline:defcon26ctf?rev=1542043800&do=diff Processing the DEFCON 26 CTF PCAPS using Trisul NSM With the right tools, analyzing large PCAP dumps can be lots of fun. This article is a step-by-step of using TrisulNSM to dive into the DEFCON26 CTF PCAP Given only a large PCAP dump, your first task as an analyst is to make sense of it from multiple angles. I typically like to start off with a statistical overview. text/html 2018-05-12T18:40:08+00:00 https://static.trisul.org/devzone/doku.php/offline:wrccdc_pcaps?rev=1526150408&do=diff Analyzing the WRCCDC PCAP dump using TrisulNSM : Part 1 Approach The good folks at WRCCDC were kind enough to release packet captures (PCAPS) of the recently concluded event. The entire corpus is roughly 1TB. Now the question is : text/html 2018-05-12T18:38:44+00:00 https://static.trisul.org/devzone/doku.php/offline:wrccdc_pcaps_results?rev=1526150324&do=diff Analyzing the WRCCDC PCAPs : Part 3 Analysis using TrisulNSM In this article we will just show pictures and a video of how you might analyze the imported PCAP dumps using Trisul. This is Part-3 of a 3 Part series * Part 1: Approach how to avoid getting overwhelmed by large PCAPS * Part 2: How to use the free TrisulNSM Docker Image to analyze the PCAP dump * Part 3: Screenshots & video of analysis paths (using TrisulNSM) text/html 2018-05-12T18:42:15+00:00 https://static.trisul.org/devzone/doku.php/offline:wrccdc_pcaps_trisulnsm?rev=1526150535&do=diff Analyzing the WRCCDC PCAP dump using TrisulNSM : Part 2 How to run TrisulNSM over the PCAP dump In this article, we show you step by step instructions to run the free TrisulNSM Docker image over the PCAP dumps. This is Part-2 of a 3 Part series *