Ionel
@ionel-dev

long-time lurker

7 Followers, 23 Following, 6 Posts, Joined 20.11.2024

Latest posts by Ionel @ionel-dev

GitHub - 0xor0ne/awesome-list: Cybersecurity oriented awesome list Cybersecurity oriented awesome list. Contribute to 0xor0ne/awesome-list development by creating an account on GitHub.

Cybersecurity blog posts, writeups, papers, and tools

github.com/0xor0ne/awes...

#infosec

09.03.2026 21:42 👍 28 🔁 4 💬 0 📌 0

The best way to learn something is to practice it - we all know this.

That's why labbing is important for network engineers for cert study.

If you are learning or curious about Path MTU discovery, our latest Ostinato guide shows how to lab this feature.
1/2

24.02.2026 18:22 👍 1 🔁 1 💬 1 📌 0
New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises That guest network you set up for your neighbors may not be as secure as you think.

That guest SSID you set up for your neighbors may not be as secure as you think

arstechnica.com/security/202...

26.02.2026 16:14 👍 8 🔁 5 💬 1 📌 1
CISA mixup of IOC domains Google's Threat Intelligence Group (GTIG) and Mandiant's recent Disrupting the GRIDTIDE Global Cyber Espionage Campaign report is great and it has lots of good Indicators of Compromise (IOC). ...

Do CISA analysts type out IOC domains by hand?
netresec.com?b=26233f4

26.02.2026 10:41 👍 1 🔁 1 💬 0 📌 0
GRU unit 26165 domains:
accesscan[.]org  glize[.]com
You’ve verified them, right?
You’ve verified them, right?


21 of the world's best intelligence and security agencies cannot be wrong... right?
netresec.com?b=26233f4

27.02.2026 16:34 👍 2 🔁 1 💬 1 📌 0
CISA mixup of IOC domains Google's Threat Intelligence Group (GTIG) and Mandiant's recent Disrupting the GRIDTIDE Global Cyber Espionage Campaign report is great and it has lots of good Indicators of Compromise (IOC). Many of th...

netresec.com?b=26233f4

27.02.2026 16:37 👍 0 🔁 1 💬 0 📌 0
Why Ostinato TX uses only one core - or does it? Why Ostinato TX uses one CPU core per port and when it actually uses multiple cores. Includes performance optimization tips and Turbo Transmit details.

Our latest guide goes into details!

ostinato.org/guides/...
2/2

11.02.2026 16:02 👍 0 🔁 1 💬 0 📌 0

Erik Hjelmvik will run a hands-on network forensic workshop at the upcoming Digital Forensics Research Conference in Sweden. Participants will get the chance to analyze:
🔪 Packets carved from memory dumps
🧅 Unencrypted Tor traffic
dfrws.org/dfrws-eu-202...

05.02.2026 10:10 👍 2 🔁 1 💬 0 📌 0
njRAT runs MassLogger njRAT is a remote access trojan that has been around for more than 10 years and still remains one of the most popular RATs among criminal threat actors. This blog post demonstrates how NetworkMiner Pr...

Decoding #njRAT C2 traffic to extract screenshots, commands and transferred files
netresec.com?b=262adb9

02.02.2026 19:41 👍 3 🔁 2 💬 0 📌 0

NetworkMiner has been around for a long time, and it shows — in a good way.

It feels opinionated. It feels calm. It feels like a tool made by people who’ve already had a few bad days in incident response.

No hype. No buzzwords. Just packets telling you what happened.

Thank you for those kind words! 💜
www.linkedin.com/pulse/issue-...

27.01.2026 08:28 👍 2 🔁 2 💬 0 📌 0
Online Network Forensics Class I will teach a live online network forensics training on February 23-26. The full title of the class is Network Forensics for Incident Response, where we will analyze PCAP files containing network tra...

The early bird discount, for our live online network forensics class, expires by the end of this week. Sign up if you’d like to analyze PCAP files together with Erik Hjelmvik (creator of NetworkMiner and PolarProxy).
netresec.com?b=25A2e4f

26.01.2026 07:06 👍 0 🔁 1 💬 0 📌 0
Decoding malware C2 with CyberChef This video tutorial demonstrates how malware C2 traffic can be decoded with CyberChef. The PCAP files with the analyzed network traffic can be downloaded from malware-traffic-analysis.net. CyberChef r...

🎬 Video: Decoding malware C2 with #CyberChef
netresec.com?b=261f535

20.01.2026 12:39 👍 2 🔁 2 💬 0 📌 0

Ostinato generated traffic not reaching the intended destination?

Our latest KB article helps you troubleshoot this!
1/2

14.01.2026 13:55 👍 1 🔁 1 💬 1 📌 0
GitHub - 0xor0ne/awesome-list: Cybersecurity oriented awesome list Cybersecurity oriented awesome list. Contribute to 0xor0ne/awesome-list development by creating an account on GitHub.

Curated list of cybersecurity research, RE material, exploitation write-ups, and tools.

github.com/0xor0ne/awes...

#infosec

30.12.2025 11:17 👍 68 🔁 12 💬 2 📌 1
Streams vs Flows in Ostinato Understanding the difference between streams and flows in Ostinato

Link: ostinato.org/guides/...
2/2

17.12.2025 14:01 👍 2 🔁 2 💬 0 📌 0
veth on MacOS How to create and use Linux virtual-ethernet (veth) like interfaces on MacOS

Blog Post: srivatsp.com/ostinat...
2/2

11.12.2025 12:28 👍 2 🔁 1 💬 0 📌 0
Python API Easy Start An easy way to get started with Ostinato Python API by configuring in GUI and doing operations with Python script

Blog Post:

02.12.2025 10:26 👍 2 🔁 1 💬 0 📌 0
NetworkMiner 3.1 Released This NetworkMiner release brings improved extraction of artifacts like usernames, passwords and hostnames from network traffic. We have also made some updates to the user interface and continued our e...

NetworkMiner 3.1 Released!
🔑 More usernames, passwords and hostnames from #PCAP
💻 Improved user interface
👾 Better details from malware C2 traffic
netresec.com?b=25C4039

01.12.2025 09:12 👍 2 🔁 2 💬 0 📌 0

Studying for a CCNA/CCIE? Or some other networking cert? Ostinato for Labbing (GNS3, EVE-NG, CML and CLAB) has a Black Friday Sale! Level up your Labs TODAY! #LabEveryday

28.11.2025 09:44 👍 3 🔁 1 💬 1 📌 0
Ethernet/IP packet generator, 10/40/100G network traffic generator and tester. Load and functional tests. GUI and Python-API. No special hardware required

Link:

20.11.2025 13:30 👍 0 🔁 1 💬 0 📌 0

The Black Friday Sale is now LIVE!

20.11.2025 13:30 👍 0 🔁 1 💬 1 📌 0

I’m looking for a junior dev (or intern) to work with me on Ostinato - my network traffic generator / packet crafter product.

C++, Qt, Python, networking - lots of hands-on learning.

Please share if you know someone who might be a good fit 🙏

12.11.2025 12:40 👍 0 🔁 2 💬 1 📌 0

Call for Papers: SharkFest’26 US
Nashville, TN | July 18–23, 2026

Share your packet analysis, troubleshooting, or Wireshark insights with the community! Submit your talk today:
sharkfest.wireshark.org/sfus/

#SharkFest #Wireshark #PacketAnalysis #NetworkEngineering #NashvilleTech #sf26us

11.11.2025 22:22 👍 0 🔁 2 💬 0 📌 0
Optimizing IOC Retention Time Are you importing indicators of compromise (IOC) in the form of domain names and IP addresses into your SIEM, NDR or IDS? If so, have you considered for how long you should keep looking for those IOCs...

Monitoring for too many old indicators not only costs money, it can even inhibit detection of real intrusions.
📆 Include "last seen" date when publishing IOCs
❌ Prune old IOCs
📜 Prioritize long lived IOCs over short lived ones
netresec.com?b=25Be9dd

06.11.2025 13:08 👍 3 🔁 1 💬 1 📌 1

Some recent job postings requiring Ostinato skills!

05.11.2025 09:51 👍 3 🔁 1 💬 0 📌 0

Want to generate some synthetic SRv6 traffic?

29.10.2025 16:40 👍 2 🔁 3 💬 1 📌 0
Labbing with Ostinato - Minus the VNC pain Learn how to run the Ostinato GUI locally on your laptop while controlling Ostinato nodes inside GNS3, EVE-NG, CML, and Containerlab

Details and instructions for each labbing platform are here -

ostinato.org/blog/vi...
(2/2)

09.09.2025 14:56 👍 2 🔁 2 💬 0 📌 0
A royal gold medal The Royal Swedish Academy of Sciences (IVA, the same org that selects winners for three of the Nobel prize categories) awards me a gold medal 2025 for my work on curl. This academy, established 1919 b...

I am awarded a gold medal by the Royal Swedish Academy of Sciences for my work on #curl

daniel.haxx.se/blog/2025/10...

21.10.2025 06:36 👍 112 🔁 14 💬 9 📌 1

After years of steady evolution, Ostinato 2.0 is finally here.

A big milestone for the project - modernized, faster, and built for what’s next.

16.10.2025 14:46 👍 2 🔁 2 💬 1 📌 0
Gh0stKCP Protocol Gh0stKCP is a command-and-control (C2) transport protocol based on KCP. It has been used by malware families such as PseudoManuscrypt and ValleyRAT/Winos4.0. @Jane_0sint recently tweeted about ValleyR...

Gh0stKCP is a C2 transport protocol based on KCP. It has been used by malware families such as #PseudoManuscrypt and #ValleyRAT.
netresec.com?b=259a5af

24.09.2025 10:27 👍 3 🔁 2 💬 0 📌 0