Jump to content
begood

Pcap Forensics Tool Update

By begood, in Programe hacking

Recommended Posts

begood Newbie

begood

Posted
Posted

New features have been added in to the Pcap Forensics Tool.

-Support for multiple files within a single stream

-Support for multiple HTTP Requests within a single stream

-HTTP GET correlation with returned data

-Improved Gzip decoding

-Source and Destination IP Filtering

-Pinpoint file extraction

The following is an example of the new switches it supports:

output.png

This is the new summary when given the "-s" switch:

new_summary.png

Filtering destination IP addresses with HTTP Information:

filter_with_http.png

And finally, the pinpoint file extraction. The switch "-E" is used in conjunction with a format "s2f1" (stream 2 file 1) to pinpoint which file the user wants to extract as seen below:

spExtract.png

The tool can be downloaded at the same location:

Pcap Forensics Tool

This includes the updated gzip support which was created by the writer of JsUnpack.

Pcap Forensics Tool Update | Malware Forge

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...