Zeek Logo

Zeek In Action, Video 2, Tracing a Trickbot Infection

by | May 18, 2021 | community, Zeek in Action

In this episode, Richard Bejtlich traces a trickbot infection known as CATBOMBER, posted by Brad Duncan on his Malware Traffic Analysis site. 

Richard uses try.zeek.org to look at the PCAP for signs of suspicious and malicious activity and answer the questions posed on Brad Ducan’s site. 

If you would like to follow along, please see the introductory video in the series and Video 1, Suspected Malware Compromise.

 If you would like to discuss the video, or consider creating one yourself, please visit the Zeek community Slack workspace and join the #documentation channel.

Get Zeek
Downloads
Zeek GitHub
Add-on Packages
Try Zeek Online

Documentation
Feature Release
LTS Release
Dev Version
Dev Resources
FAQs

Community
Getting Started
Sign Up
Twitter
Youtube
Discourse
Slack
GitHub Issues
Security Reporting
Contact Us
Subgroups
Training

Events
Upcoming Events
Calendar
ZeekWeek 2022
Past Events

Blog

About About Zeek Leadership Team Code of Conduct Slack Guidelines Governance Framework Mission, Vision, Values

%d bloggers like this: