• Post category:StudyBullet-2
  • Reading time:7 mins read

Learn how to perform malware analysis for Cisco CyberOps Associate Certification (CBROPS) using Sguil & Squert

What you will learn

Part of the best selling course: CCNA Cyber Ops Tools: Sec Onion, Wireshark, and Kali Linux

What is Sguil

What is Squert

How to perform security analysis using Sguil & Squert

How to perform pivoting into other tools from Sguil & Squert

How to perform event categorization using Sguil & Squert

Practice security analysis with Sguil & Squert through an assignment

Sguil & Squert Quiz included


***** Part of the best selling course: CCNA Cyber Ops Tools: Sec Onion, Wireshark, and Kali Linux *****

It is estimated that there will be about 1.5 million unfilled jobs in cyber security by the year 2020. A more recent statistic increased this number for cyber security unfilled jobs to be 3.5 million by the year 2021. In addition, recent article highlights Cisco Systems intention to become a cyber security force. For these reasons, Cisco created the CCNA Cyber Ops certification, which can become one of the most certifications in demand in the near future. Furthermore, Cisco created a scholarship program for this certification, which emphasis its importance.

In this course you will learn about the tools that you can use for your study of the CCNA Cyber Ops certification and the current Cisco CyberOps Associate certification. Learning the theory side is important, but the hands on side is more important, since the main purpose of your study is to apply your knowledge in production, and since your hands on will enforce your theory knowledge. You can not teach someone how to drive a car by showing him or her how to do it, but you have to let him try and practice how to do that. Furthermore, showing you hands on labs and how to use tools without teaching you how to create these labs and install these tools, might not give you the ultimate benefit from your study . For this reason, I have created this course to teach you how to create your own home labs, and to understand the core usage and important features of the tools used in them. I believe in the saying: “Give a man a fish and you feed him for a day; teach a man to fish and you feed him for a lifetime“. If you have access to online labs, such as that offered by Cisco through their scholarship, you still need to know how to create your own home labs to continue practicing and experimenting, which is what this course will help you to achieveOn the other hand, this course will prepare you to go through these online labs quickly, and with confidence, since you will be familiar with the tools used in them.  And not just online labs, but any other hands on Cyber Ops courses, like what I intend to publish in the near future.

In this course you will learn about how to use the tcpreplay command, and where to download PCAP files that can be used with this command to recreate network packets in order to practice with malware analysis using Sguil and Squert. You will go through the steps of exploring Sguil ,pivoting into other security analysis tools, events categorization, and finally do these steps using Squert too.

I hope that you will join me in this course and start your Cyber security journey. Happy learning!




Course Introduction & Overview

Get Instant Notification of New Courses on our Telegram channel.


Working with PCAP Files

Using the tcpreplay Command

Downloading More PCAP Files

Working with Sguil & Squert

Introduction to Sguil and Squert

Working with Sguil – Part 1

Working with Sguil – Part 2 (Tools Pivoting)

Working with Sguil – Part 3 (Events Categorization)

Exploring Squert


Sguil and Squert Quiz

Sguil and Squert Quiz