Send alerts for 50 LDAP packets in under 1 min

Hello, I've been trying to figure out different ways to detect "BloodHound", which is an enumeration tool used for Active Directory. Is it possible for Wireshark to send alerts for a certain number of packets within a certain amount of time?

Originally I was thinking of using Python to code it myself since I couldn't find anything about it online.

Thank you in advance!
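
The threshold in the question (50 LDAP packets in under 1 minute) can be checked with a sliding window over packet timestamps. The Python below is an added example, not part of the original post and not a Wireshark feature. It assumes the count is kept per source address and that input lines have the form `epoch source-ip`, such as tshark can emit with `-Y ldap -T fields -e frame.time_epoch -e ip.src`; the sample data is constructed.

```python
from collections import defaultdict, deque

THRESHOLD = 50      # LDAP packets, from the question
WINDOW = 60.0       # seconds, from the question

def parse_line(line):
    """Parse one 'epoch source-ip' line; return None for malformed lines."""
    parts = line.split()
    if len(parts) != 2:
        return None
    try:
        return float(parts[0]), parts[1]
    except ValueError:
        return None

def detect_bursts(lines, threshold=THRESHOLD, window=WINDOW):
    """Return (source, time) alerts, one per burst, raised when a source
    sends `threshold` packets in under `window` seconds."""
    recent = defaultdict(deque)   # source -> timestamps still inside the window
    alerting = set()              # sources currently at or above the threshold
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue              # skip blank or malformed capture lines
        ts, src = rec
        q = recent[src]
        q.append(ts)
        # Drop timestamps that have aged out of the sliding window.
        while q and ts - q[0] >= window:
            q.popleft()
        if len(q) >= threshold:
            if src not in alerting:       # alert once per burst, not per packet
                alerting.add(src)
                alerts.append((src, ts))
        else:
            alerting.discard(src)         # re-arm once the rate drops again
    return alerts

# Constructed sample: 10.0.0.5 sends 60 packets in 30 s (burst),
# 10.0.0.9 sends 60 packets over 10 minutes (normal rate).
SAMPLE = [f"{1700000000 + i * 0.5:.1f}\t10.0.0.5" for i in range(60)]
SAMPLE += [f"{1700000000 + i * 10:.1f}\t10.0.0.9" for i in range(60)]
SAMPLE.append("garbage line without fields")

if __name__ == "__main__":
    for src, ts in detect_bursts(SAMPLE):
        print(f"ALERT {src}: {THRESHOLD} LDAP packets in under {WINDOW:.0f}s at {ts}")
```

Packet rate alone also matches busy legitimate LDAP clients, so the threshold and window need tuning against normal traffic on the monitored network.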