Excellent work, I like the tools and will keep it in my quick and dirty tool set for analysis.
Here are a couple of features that I would like to see:
1) on the Host tab being able to select and copy text out from results for use in another program or report, maybe make this an all tabs type of thing ( I would like to be able to export info from the followoing tabs at least: host, files, images, credentials, passwords, and clear text)
2) on the host tab select host and being able to query DNS/traceroute/others options
3) color coding over all tabs ( select a host and color code it so all info on all tabs show up in the color for selected hosts)
4) on the files tab being able to export the lists in txt
5) on the files tab when right clicking you give the option to open a file add a confirmation prompt when opening file ( hey any one could be silly and run a exe that they shouldnt)
6) optional MD5 creation on files
7) on the image tab being able to create thumbnail report of images with MD5
8) color coding packets (maybe)
Thanks for the work on the current tool.
Hello. This is a fantastic tool.
I really want to echo some of the suggestions which echoport23 made, and make a few of my own:
* The ability to export data lists to a text file (including file lists, cookies, credentials, etc)
* Ability to move multiple files easily (maybe you could have a tickbox to 'select' files for 'bulk' operations?)
* Ability to extract files + all the metadata which the tool provides (src, dst, protocol, etc)
* Ability to reconstruct HTTP sessions & webpages
* MD5 files
* Ability to easily tell which pcap a file was extracted from when working with multiple pcaps
Thank you very much. Please don't hesitate to contact me for more information or if there is anything I can do to help with this project.
Thanks for all suggestions. I've noticed you've put them in the "feature request" page as well, which is just where I want them!
I would like to open *.dmp.appcapz capture files directly from NetworkMiner. I can open these files via wireshark and saving them as *.cap or *.pcap but this only changes to an odd error in NetworkMiner when I try to open the files:
Error opening pcap file: The file .....pcap is not a PCAP file. Magic number is 1F8B0800 or 88B1F but should be A1B2C3D4. [ OK ]
Huh? I'm looking for suggestions.
I am not familiar with the .dmp.appcapz extension, what application are you using to create these capture files? The best solution would be if you could send me such a capture file.
The fact that the magic number isn’t the standard libpcap one also points to that your file is using some unusual capture format.