NETRESEC - Network Forensics and Network Security Monitoring
NETRESEC. Network forensics, packet sniffers and IT security products. Download NetworkMiner and other free software for network security...
Read Netresec.com news digest here: view the latest NETRESEC articles and content updates right away or get to their most visited pages. Netresec.com belongs to a large group of moderately popular websites, with around 59K visitors from all over the world monthly. It seems that NETRESEC content is notably popular in USA, as 21.6% of all users (13K visits per month) come from this country. We haven’t detected security issues or inappropriate content on Netresec.com and thus you can safely use it. Netresec.com is hosted with ACTIVE 24, s.r.o. (Czech Republic) and its basic language is English.
Content verdict: Safe
Website availability: Live
Language: English
Last check:
-
1 976
Visitors daily -
1 976
Pageviews daily -
4
Google PR -
127 469
Alexa rank
Best pages on Netresec.com
-
NETRESEC - Network Forensics and Network Security Monitoring
Network forensics, packet sniffers and IT security products. Download NetworkMiner and other free software for network security analysis.
-
CapLoader - Search, sort, filter and extract flows from PCAP files
Cap Loader handles large PCAP files fast! CapLoader is great for quickly extracting individual flows or sessions from multiple pcap files. CapLoader can also identify the application layer protocol of...
-
RawCap sniffer for Windows released
We are today proud to announce the release of RawCap, which is a free raw sockets sniffer for Windows. Here are some highlights of why RawCap is a great tool to have in your toolset: Can sniff any int...
Netresec.com news digest
-
8 days
njRAT is a remote access trojan that has been around for more than 10 years and still remains one of the most popular RATs among criminal threat actors. This blog post demonstrates how NetworkMiner Professional can be used to decode the njRAT C2 traffic...
-
22 days
Decoding malware C2 with CyberChef
This video tutorial demonstrates how malware C2 traffic can be decoded with CyberChef.
The PCAP files with the analyzed network traffic can be downloaded from malware-traffic-analysis.net.
CyberChef recipe to decode the reverse shell traffic to 103.27.157.146:4444:... -
2 months
I recently learned that the great folks from The DFIR Report have done a writeup covering the Latrodectus backdoor. Their report is titled From a Single Click: How Lunar Spider Enabled a Near Two-Month Intrusion.
I found it particularly interesting that the threat actors used Latrodectus to drop a BackConnect RAT to the victim PC. I have verified that this RAT’s Command and Control (C2) traffic is using the exact same BackConnect C2 protocol as what would previously... -
2 months
This NetworkMiner release brings improved extraction of artifacts like usernames, passwords and hostnames from network traffic. We have also made some updates to the user interface and continued our effort to extract even more details from malware C...
Domain history
| Web host: | ACTIVE 24, s.r.o. |
| Registrar: | Ascio Technologies, Inc. Danmark - Filial af Ascio technologies, Inc. USA |
| Registrant: | Not Disclosed |
| Updated: | July 23, 2025 |
| Expires: | November 30, 2026 |
| Created: | November 30, 2010 |
Whois record
Visitor gender
Male
Female
Safety scores
Trustworthiness
ExcellentChild safety
N/A
