⧗ In Progress — report will be updated as the investigation completes

THM — Network Traffic Analysis

Platform: TryHackMe / Wireshark
Category: Network Forensics
Tools: Wireshark · tcpdump · NetworkMiner
Status: In Progress
Analyst: Hossam Hashem

// Overview

Network traffic analysis challenge on TryHackMe using Wireshark to dissect a packet capture and identify suspicious activity. Objectives include isolating malicious flows, extracting artefacts, and mapping observed behaviour to MITRE ATT&CK techniques.

Full write-up pending. Sections below will be populated as the investigation progresses.

// Alert / Event Summary

Event # | Description | Protocol | Verdict
To be completed

// IOCs

Type | Value
To be completed

// MITRE ATT&CK

Techniques will be mapped once analysis is complete.

// Key Takeaways

To be written after the investigation is closed.