Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection.
Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a proactive investigation.
In the field of computer network administration, pcap (packet capture) consists of an application programming interface (API) for capturing network traffic.
Unix-like systems implement pcap in the libpcap library; Windows uses a port of libpcap known as WinPcap.
It is a Data file created by Wireshark (formerly Ethereal), a free program used for network analysis; contains network packet data created during a live network capture; used for “packet sniffing” and analyzing data network characteristics; can be analyzed using software that includes the libpcap or WinPcap libraries
Well, we will be using a tool known as XPLICO, xplico is an open-source NFAT (Network Forensic Analysis Tool), the goal of Xplico is to extract from an internet traffic capture the application’s data contained.
Must Read Complete Kali Tools tutorials from Information gathering to Forensics
For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on
To know more about XPLICO tool click here
“Username : xplico”
“Password : xplico”
XPLICO – This tool is simple and easy to use also it does an intense analysis of the Packet Capture –PCAP file, This tool is pre-loaded in many penetrations testing Linux flavors such as KALI LINUX, PARROT OS, DEFT, Security Onion, Backbox, Pentooetc.
This article was provided to www.gbhackers.com by Shankara Narayanan Co-Leader at Hackers Day, a student at Tamil Nadu Dr. Ambedkar Law University.
The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…
The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…
Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…
A security researcher discovered a vulnerability in Windows theme files in the previous year, which…
The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…