I teach a 2-day training “Wireshark Wifi and Lua Training” at Brucon. More details here.
Emerging Threats and Snort released my Snort rule to detect Metasploit Meterpreter Reverse HTTPS traffic.
More details about the rule in an upcoming blogpost.
pcap-rename.py is a program to rename pcap files with the timestamp of the first packet in the pcap file.
The first argument is a template of the new filename. Use %% as a placeholder for the timestamp. Don’t forget the .pcap extension.
The next arguments are the pcap files to be renamed.
You can provide one or more pcap files, use wildcards (*.pcap) and use @file.
@file: file is a text file containing filenames. Each file listed in the text file is processed.
Example to rename pcap files:
Renamed: capture1.pcap -> server-20140416-184037-926493.pcap
Renamed: capture2.pcap -> server-20140417-114252-700036.pcap
Renamed: capture3.pcap -> server-20140419-052202-911011.pcap
Renamed: capture4.pcap -> server-20140424-065625-868672.pcap
Use option -n to view the result without actually renaming the pcap files.
This program does not support .pcapng files (yet).
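How a timestamp-based name can be derived from a classic pcap file, as an added example that is not the code of pcap-rename.py: it reads the 24-byte global header and the first 16-byte record header, rejects pcapng, and fills the %% placeholder. The function names are hypothetical, and the use of UTC and the YYYYMMDD-HHMMSS-microseconds layout are assumptions inferred from the output shown above.

```python
import struct
from datetime import datetime, timezone

# Classic pcap magic values as seen when the first 4 bytes are read little-endian:
# value -> (byte order of the file, divisor turning the fraction into microseconds)
MAGICS = {
    0xA1B2C3D4: ("<", 1),     # little-endian file, microsecond timestamps
    0xD4C3B2A1: (">", 1),     # big-endian file, microsecond timestamps
    0xA1B23C4D: ("<", 1000),  # little-endian file, nanosecond timestamps
    0x4D3CB2A1: (">", 1000),  # big-endian file, nanosecond timestamps
}
PCAPNG_MAGIC = 0x0A0D0D0A     # Section Header Block type; same in either byte order
GLOBAL_HDR_LEN, RECORD_HDR_LEN = 24, 16


def first_packet_time(data):
    """Return (seconds, microseconds) of the first packet in a classic pcap."""
    if len(data) < 4:
        raise ValueError("too short to be a pcap file")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == PCAPNG_MAGIC:
        raise ValueError("pcapng is not supported")
    if magic not in MAGICS:
        raise ValueError("not a pcap file (unknown magic %08x)" % magic)
    if len(data) < GLOBAL_HDR_LEN + RECORD_HDR_LEN:
        raise ValueError("pcap file contains no packets")
    endian, divisor = MAGICS[magic]
    sec, frac = struct.unpack_from(endian + "II", data, GLOBAL_HDR_LEN)
    return sec, frac // divisor


def new_name(template, data):
    """Fill the %% placeholder; UTC and this stamp layout are assumptions."""
    sec, usec = first_packet_time(data)
    stamp = datetime.fromtimestamp(sec, tz=timezone.utc).strftime("%Y%m%d-%H%M%S")
    return template.replace("%%", "%s-%06d" % (stamp, usec))


def build_pcap(endian, sec, usec):
    """Constructed sample: global header plus one 4-byte packet record."""
    magic = struct.pack(endian + "I", 0xA1B2C3D4)
    rest = struct.pack(endian + "HHiIII", 2, 4, 0, 0, 65535, 1)
    record = struct.pack(endian + "IIII", sec, usec, 4, 4) + b"\x00" * 4
    return magic + rest + record


# Constructed capture whose first packet carries the time of the first example line.
T0 = int(datetime(2014, 4, 16, 18, 40, 37, tzinfo=timezone.utc).timestamp())
SAMPLE = build_pcap("<", T0, 926493)
```

Calling `new_name("server-%%.pcap", SAMPLE)` returns the new name without touching the file system, which is the same kind of preview that option -n gives.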