Blue Team Hardware - sofwerx/mad-jack GitHub Wiki

System: Laptop running Pop!_OS (Ubuntu Linux), tethered to the Safehouse via a dedicated Ethernet cable. The laptop must remain powered on because it receives packets in real time. It can, however, be configured to stay powered on with the screen closed.

External hard drive: Extra storage for the laptop to hold pcap data.

Network TAP (USR4503): This is an external monitoring device that is placed (undetected) on the network to capture all incoming and outgoing traffic. It dumps all the intercepted packets (packet capture [pcap] data) onto the laptop.