Process Attribution In Network Traffic
A DARPA Cyber Fast Track Project
PAINT captures network packets and attributes originating and receiving Process IDs (PIDs) and Process Names on in real-time. It optionally integrates with Wireshark for ease of use. PAINT simplifies malware analysis by attributing TCP, UDP, and IP packet activity to the originating and target executable.
You can read more about PAINT in our blog post on it.
Digital Operatives is proud to release to the public for Research Purposes Only the beta version of PAINT. You can download PAINT here.
See our Youtube video below