Xplico
Xplico is an open-source forensic analysis app. It supports HTTP (Hypertext Transfer Protocol), IMAP (Internet Message Access Protocol), and more.
What is xplico used for?
Xplico is a network forensics analysis tool (NFAT): software that reconstructs the contents of acquisitions performed with a packet sniffer (e.g. Wireshark, tcpdump, Netsniff-ng).
Features:
- You can get your output data in an SQLite database or a MySQL database.
- This tool gives you real-time collaboration.
- No size limit on data entry or the number of files.
- You can easily create any kind of dispatcher to organize the extracted data in a useful way.
- It is one of the best open-source forensic tools that support both IPv4 and IPv6.
- You can perform reverse DNS lookup from the DNS packets contained in the input files.
- Xplico provides a PIPI (Port Independent Protocol Identification) feature to support digital forensics.
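The reverse DNS lookup feature listed above works from the capture itself rather than from a live resolver. The sketch below illustrates that idea; it is an added example, not Xplico's own code. It assumes the DNS payloads have already been pulled out of the pcap, and the names `SAMPLE`, `read_name` and `ip_to_names` are hypothetical.

```python
import struct

# Constructed sample: UDP payload of a DNS response, example.test -> 192.0.2.10
SAMPLE = (b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"
          b"\x07example\x04test\x00\x00\x01\x00\x01"
          b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x00\x3c\x00\x04\xc0\x00\x02\x0a")

def read_name(msg, off):
    """Decode a DNS name, following compression pointers; return (name, next offset)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if (length & 0xC0) == 0xC0:               # compression pointer
            if end is None:
                end = off + 2                     # parsing resumes after the first pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:                         # malformed capture: pointer loop
                raise ValueError("compression loop")
            continue
        off += 1
        if length == 0:
            return ".".join(labels), (off if end is None else end)
        labels.append(msg[off:off + length].decode("ascii", "replace"))
        off += length

def ip_to_names(dns_payloads):
    """Map each IPv4 address to the names that A records in the capture resolved to it."""
    table = {}
    for msg in dns_payloads:
        try:
            _id, flags, qdcount, ancount = struct.unpack("!HHHH", msg[:8])
            if not (flags & 0x8000):              # QR bit clear: a query, no answers
                continue
            off = 12
            for _ in range(qdcount):              # skip the question section
                _, off = read_name(msg, off)
                off += 4                          # QTYPE + QCLASS
            for _ in range(ancount):
                name, off = read_name(msg, off)
                rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
                rdata = msg[off + 10:off + 10 + rdlen]
                off += 10 + rdlen
                if rtype == 1 and rclass == 1 and len(rdata) == 4:   # IN A record
                    table.setdefault(".".join(map(str, rdata)), set()).add(name)
        except (IndexError, struct.error, ValueError):
            continue                              # truncated or malformed message
    return table

if __name__ == "__main__":
    print(ip_to_names([SAMPLE]))
```

Because the mapping comes only from answers the monitored hosts actually received, it reflects what they saw at capture time and sends no new queries during analysis.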
How does xplico work?
Xplico extracts packets from internet traffic and captures the application data contained in them. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP content, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn't a network protocol analyzer.
What is the difference between xplico and Wireshark?
The name “xplico” refers to the Latin verb explico and its significance. Distributed under the GNU General Public License,[2] Xplico is free software. Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.
How do I start xplico on Kali Linux?
In a new Terminal, we type apt-get update and press Enter. The sudo apt-get update command may have to be used to provide admin privileges if the former does not run successfully. We then attempt to install Xplico by typing apt-get install xplico (or sudo apt-get install xplico
What are network forensic analysis tools?
Network Forensic Analysis Tools (NFATs) help administrators monitor their environment for anomalous traffic, perform forensic analysis and get a clear picture of their environment. To gain a better definition of the tool, it examines three NFATs: SilentRunner, NetIntercept and NetDetector.
Is xplico free?
See http://www.xplico.org for more information. Copyright 2007-2019 Gianluca Costa & Andrea de Franceschi and contributors. This is free software; see the source for copying conditions.