In this lab-based project, I captured and analyzed network traffic to identify indicators of compromise, such as DNS tunneling, port scans, and brute-force login attempts. I interpreted TCP/IP protocols and dissected packet headers to understand anomalies and attacker behaviors.