Tag Archives: Network Forensics

Xplico – Network Forensic Analysis Tool

The goal of Xplico is to extract the application data contained in an internet traffic capture. For example, from a pcap file Xplico extracts each email

SocketSniffer – Network Traffic Sniffer

SocketSniffer allows you to capture TCP/IP packets that pass through your network adapter and view the captured data as a sequence of conversations

NetworkMiner – Network Forensic Analysis Tool

NetworkMiner is an open source Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD).

Netactview – Graphical Network Activity Viewer

Netactview is a graphical network connections viewer for Linux, similar in functionality to Netstat. It includes features like process information

NetDude – Network Dump data Displayer

NetDude (Network Dump data Displayer and Editor) is a framework for inspection, analysis and manipulation of tcpdump trace files.

Moloch – PCAP capturing, Indexing and Database System

Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access.

LiveTcpUdpWatch – Displays live TCP and UDP Activity

LiveTcpUdpWatch is a tool for Windows that displays live information about all TCP and UDP activity on your system.