I completed the NetworkMiner room on TryHackMe, which introduced me to a powerful network forensics tool that makes analyzing packet captures a lot more approachable. Instead of digging through raw data line by line, NetworkMiner automatically organizes traffic into categories like hosts, files, images, credentials, and sessions. In this room, I learned how to load a packet capture (PCAP) file and quickly see which devices were talking on the network, what operating systems they were running, and even what files or images were transferred during the session.
The exercises walked me through extracting artifacts such as user credentials and downloaded files, which showed just how much sensitive information can be revealed from intercepted traffic. By the end, I felt more confident in using NetworkMiner not only to piece together what happened during an incident, but also to recognize how exposed data can be if encryption isn’t in place. This room really highlighted the value of network forensics in both investigations and security awareness.