So on a job i had captured some data transfer off the wire but wanted to put some proof of that in the report and for some brownie points.
I wasn’t entirely sure what tool to use but a quick google pointed me in the direction of foremost.
The pcap was captured in wireshark so i opened it up again and found the correct TCP stream that contained what… Continue reading