Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection.
Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a proactive investigation.
In the field of computer network administration, pcap (packet capture) consists of an application programming interface (API) for capturing network traffic.
Unix-like systems implement pcap in the libpcap library; Windows uses a port of libpcap known as WinPcap.
It is a Data file created by Wireshark (formerly Ethereal), a free program used for network analysis; contains network packet data created during a live network capture; used for “packet sniffing” and analyzing data network characteristics; can be analyzed using software that includes the libpcap or WinPcap libraries
Well, we will be using a tool known as XPLICO, xplico is an open-source NFAT (Network Forensic Analysis Tool), the goal of Xplico is to extract from an internet traffic capture the application’s data contained.
Must Read Complete Kali Tools tutorials from Information gathering to Forensics
For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on
To know more about XPLICO tool click here
“Username : xplico”
“Password : xplico”
XPLICO – This tool is simple and easy to use also it does an intense analysis of the Packet Capture –PCAP file, This tool is pre-loaded in many penetrations testing Linux flavors such as KALI LINUX, PARROT OS, DEFT, Security Onion, Backbox, Pentooetc.
This article was provided to www.gbhackers.com by Shankara Narayanan Co-Leader at Hackers Day, a student at Tamil Nadu Dr. Ambedkar Law University.
A sophisticated cyber campaign orchestrated by the Chinese Advanced Persistent Threat (APT) group, Silver Fox,…
A new wave of cyberattacks attributed to the Ghostwriter Advanced Persistent Threat (APT) group has…
The LCRYX ransomware, a malicious VBScript-based threat, has re-emerged in February 2025 after its initial…
Recent cybersecurity investigations have uncovered a sophisticated technique employed by threat actors to evade detection…
A financial management app named Finance Simplified has been revealed as a malicious tool for…
A recent discovery by cybersecurity researchers has revealed that the Poseidon malware, a macOS-targeting trojan,…