Mercury: network metadata capture and analysis

Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)

Step-by-step guide to identifying and fixing common TCP issues using Wireshark — retransmissions, resets, zero windows, handshake failures, and more.

Network simulation tool (fakenet) for use in dynamic malware analysis in Windows, using HTTP(S) and DNS listeners. Capability of transmitting gathered packet captures to external endpoint.

AI-assisted real-time Network Intrusion Detection System (NIDS) built with Scapy, FastAPI, and React. Detects port scans, SYN floods, brute-force attempts, and C2 beaconing. Enriches alerts using a local LLM (Ollama) and streams live detections via WebSockets to an interactive dashboard.

Understanding usage of wireshark and filtering the results

This case study on ARP spoofing via Wi-Fi breach illustrates a classic but frequently underestimated threat vector in network security.

Projects from Computer Communications and Networks (2021-2022 academic year)

This is a powerful and flexible network sniffing tool written in Python. It captures network packets in real-time, analyzes them, and provides insights through both a terminal interface and an optional web-based dashboard.

This IOC case revolves around a Wi-Fi compromise, where an attacker leveraged weak network defenses to gain unauthorized access. The initial detection came from AP logs identifying an unrecognized MAC address joining the network, accompanied by a suspicious WPA2 authentication event.