This repository contains files and documentation for a cybersecurity lab simulating Security Operations Center (SOC) traffic analysis.
The purpose is to practice network traffic investigation, incident detection, and Wireshark analysis.
- Analyze captured network traffic (PCAP files)
- Identify suspicious activity, potential intrusions, or unusual communications
- Document findings with screenshots, notes, and reports
- Network traffic analysis using Wireshark
- Detection of suspicious traffic patterns
- TCP/UDP protocol understanding
- Documentation of SOC investigations
- Creating structured incident reports
- Open PCAP files in Wireshark
- Follow notes and screenshots for context
- Review any included documentation for final findings
- Examples of suspicious IPs, HTTP POST anomalies, or potentially malicious traffic
- Clear visualization of network conversations and endpoints
This lab is for educational purposes only.