Xplico is a Network Forensic Analysis Tool (NFAT).
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp...
Xplico is able to classify more than 140 (application) protocols.
Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng.
Xplico is used also in CapAnalysis: http://www.capanalysis.net
Features
- Network Forensic
- Digital Forensics
- TCP/IP Protocol Decoder
- Packet Sniffer
- Sniffer
- PCAP Parser
- IPv4 and IPv6
License
GNU General Public License version 2.0 (GPLv2)
You Might Also Like
Log360 is a unified SIEM solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates, and responds to security threats. It combines threat intelligence, machine learning-based anomaly detection, and rule-based attack detection techniques to detect sophisticated attacks, and offers an incident management console for effectively remediating detected threats. Log360 provides holistic security visibility across on-premises, cloud, and hybrid networks with its intuitive and advanced security analytics and monitoring capabilities.
Rate This Project
Login To Rate This Project
User Reviews
-
Xplico does not allow parallel compiling. The Makefile under manipulators/mwmail and system/script directories fail at the rule below when launching multiple GNU Make jobs (e.g. make -j4). Replace the *.pyc with $*.*.pyc and it will compile in parallel: %.pyc: %.py rm -f $@ $(PYCMPL) $< if [ -d "__pycache__" ]; then mv __pycache__/*.pyc $@; fi
-
Thanks for software and updates.