Yes, you can. REVEN ships with a Python API that lets you easily write scripts that analyze a REVEN trace and aggregate networking data.
As an example, you can find here a script that dumps a PCAP file containing the network packets handled in an x64 Windows 10 REVEN trace recorded on a QEMU hypervisor. For each packet, a transition id is provided that can be used to continue the analysis in the scenario's trace (with taint data flow, for example).
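The sketch below is an added example, not REVEN's script and not code that uses the REVEN API: it shows one way a PCAP file can carry a transition id per packet, under the assumption that the id is stored in each record's timestamp fields. The function names and the sample frames are constructed for illustration; in a real script the (transition id, frame) pairs would come from the trace.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4    # classic pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1
USEC = 1_000_000
GLOBAL_HDR = "<IHHiIII"    # magic, version 2.4, thiszone, sigfigs, snaplen, linktype
RECORD_HDR = "<IIII"       # ts_sec, ts_usec, captured length, original length

def build_pcap(packets, snaplen=65535):
    """Serialize (transition_id, frame_bytes) pairs, in trace order, to pcap bytes."""
    out = [struct.pack(GLOBAL_HDR, PCAP_MAGIC, 2, 4, 0, 0, snaplen, LINKTYPE_ETHERNET)]
    for transition_id, frame in packets:
        # Assumption: a trace has no wall clock, so the id rides in the timestamp.
        if not 0 <= transition_id < 2**32 * USEC:
            raise ValueError("transition id does not fit the timestamp fields")
        captured = frame[:snaplen]
        out.append(struct.pack(RECORD_HDR, transition_id // USEC,
                               transition_id % USEC, len(captured), len(frame)))
        out.append(captured)
    return b"".join(out)

def read_pcap(data):
    """Recover (transition_id, frame_bytes) pairs; reject truncated input."""
    if len(data) < 24:
        raise ValueError("missing pcap global header")
    magic, *_, linktype = struct.unpack_from(GLOBAL_HDR, data, 0)
    if magic != PCAP_MAGIC or linktype != LINKTYPE_ETHERNET:
        raise ValueError("not a little-endian Ethernet pcap")
    packets, offset = [], 24
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        sec, usec, incl, _orig = struct.unpack_from(RECORD_HDR, data, offset)
        offset += 16
        if offset + incl > len(data):
            raise ValueError("truncated packet data")
        packets.append((sec * USEC + usec, data[offset:offset + incl]))
        offset += incl
    return packets

# Constructed sample: two zero-filled ARP-sized Ethernet frames with made-up ids.
ETH = bytes.fromhex("ffffffffffff" "020000000001" "0806")
SAMPLE = [(1_204_377, ETH + bytes(28)), (98_765_432_101, ETH + bytes(28))]

if __name__ == "__main__":
    blob = build_pcap(SAMPLE)
    for tid, frame in read_pcap(blob):
        print(f"transition {tid}: {len(frame)} bytes")
```

With this encoding, a packet analyzer's time column shows the transition id as seconds and microseconds, so a packet of interest can be mapped back to its position in the trace.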