Xtract is a small program I wrote principally to learn the basics of TCP/IP protocols, and to address certain shortcomings and inefficiencies in the way that Wireshark handles network data. It attempts to demonstrate how Wireshark's powerful network traffic analysis capabilities can be combined with the file carving capabilities of programs such as Foremost and NetworkMiner in a manner that is portable and extensible (hence the choice of Perl).
Hopefully the Wireshark project may eventually choose to incorporate some of these features, such as automated TCP/UDP session extraction, an interface to a scripting engine such as Python that can be used to add modular units for file carving, and the ability to export network activity in an easily readable diagram format.
- Automated extraction of network stream sessions
- Visualization of networks via GraphViz and Pajek
- Integration of file carving capability