CapLoader 2.0 released today!
🔎 Identifies over 250 protocols in #PCAP
🎨 Define protocols from example traffic
🇶 Extracts JA3, JA4 and SNI from QUIC
💻 10x faster user interface
https://netresec.com/?b=256dbbc
CapLoader 2.0 Released

I am thrilled to announce the release of CapLoader 2.0 today! This major update includes a lot of new features, such as a QUIC parser, alerts for threat hunting and a feature that allows users to define their own protocol detections based on example network traffic. User Defined Protocols CapLoader's[...]

@netresec Cool, I think you should push that Malware C2 feature into your announcements.
@Ichinin You mean that it identifies lots of malware C2 protocols out of the box, or that the user can define detections for C2 protocols that CL doesn't yet detect? Or the ThreatFox alert feature?
@netresec @Ichinin maybe all of the above as I didn’t know any of that. Cool features!
@netresec First one. OOB detection is a cool feature.
@Ichinin It's probably time to record some malware hunting videos with CapLoader.
𝙽𝙴𝚃𝚁𝙴𝚂𝙴𝙲 (@netresec@infosec.exchange)

Video: Detecting #PureLogs traffic with #CapLoader https://netresec.com/?b=256a8c4

@netresec Cool! You should push features like this higher so people know about them. I haven't seen this in any product - and I highly doubt that either RSA Security Analytics/Netwitness or Darktrace has added this functionality recently.