Nowadays there are a lot of tools to analyse traffic, but the most important thing to have is the experience and knowledge of a malware analyst. The goal of the workshop is to give a hands-on experience on analysing the behavior of malware and botnet traffic in the network by studying their web patterns and their traffic behavior. The workshop will use both pcap files of real malware captures and real normal captures. Participants will learn a proven approach on how to do their traffic analysis, how to recognise malicious connections, how to separate normal behaviours from malicious behaviours, how to recognise anomalous patterns and how to deal with large amounts of traffic. Analysing only malware traffic may not be so complicated for some people, but accurately separating it from normal traffic is harder.
Read more here: https://www.hacktivity.com/training-portfolio