RED HAND ANALYZER:

Like VirusTotal - But For PCAP Files!

Upload a PCAP file to get a FREE analysis report, to discover malicious activity, security vulnerabilities and other network events on your server or endpoint.


Like VirusTotal - For PCAP Files

Go Beyond VirusTotal, With Red Hand Analyzer!

If you suspect a file is malware, uploading it to VirusTotal is a great way to scan it against multiple antivirus engines at once. But what if you suspect there's a hacker in your system - and you can't find a suspicious executable? Or worse, what if the antiviruses on VirusTotal detect nothing at all?


Behaviors, Not Signatures

Unlike the antivirus engines on VirusTotal, Red Hand Analyzer uses signature-free technology to detect suspicious behavior and hacker techniques such as scanning, tunneling, brute-force, enumeration, and command & control.

Malicious Endpoint Discovery

Red Hand Analyzer checks IP addresses and domains against a built-in threat intelligence database, tracking over 18 million malicious addresses used for malware infrastructure, command & control servers, etc.

Network-based Insights

Red Hand Analyzer tracks noteworthy network events that may have operational significance or provide valuable context during ongoing investigations - such as unusually long connections, frequent connections, and more.

VirusTotal and PCAP Files

PCAP files (Packet Capture files) are raw recordings of network traffic, containing detailed data on every packet sent and received over a network during a capture session. They show who communicated with whom, which protocols were used, what was transmitted, and when - essentially giving a full snapshot of network activity.

VirusTotal is built to analyze files (such as executables and documents) and URLs by scanning their contents with antivirus engines and static/dynamic analysis tools. It doesn't process or interpret network traffic flows, so it can't understand or detect suspicious behavior hidden in communication patterns, command & control channels, DNS tunneling, or other network-based attack techniques.