CapAnalysis – Network Forensic Tool

CapAnalysis is a web-based visual tool for information security specialists, system administrators and anyone who needs to analyze large amounts of captured network traffic. CapAnalysis indexes a data set of PCAP files and presents their contents in many forms, from a list of TCP, UDP or ESP streams/flows to a geographical representation of the connections.


Currently the tool includes the following features:

  • PCAP file viewer: a web pcap file viewer that can manage not only one file, but sets of pcap files.
  • Deep Packet Inspection (DPI): more than 140 protocols.
  • Filtering of the analyzed captures by IP, country, data volume and date.

CapAnalysis is a web pcap file viewer. It can manage not only one file, but sets of pcap files. Its TCP reassembly makes it possible to evaluate the bytes lost for each TCP stream.
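To show what "bytes lost for each TCP stream" means in practice, here is an added example (not CapAnalysis code and not part of the original post) that counts the holes in the sequence space of each stream. The function name, the stream labels and the sample segments are constructed for illustration, and sequence numbers are assumed to be relative to the ISN with no 32-bit wraparound.

```python
from collections import defaultdict

def lost_bytes_per_stream(segments):
    """Return {stream_id: bytes missing between the first and last byte seen}.

    segments: iterable of (stream_id, rel_seq, payload_len) for one direction
    of each stream. Assumption: rel_seq is relative to the ISN, no wraparound.
    Loss before the first or after the last captured segment is not visible.
    """
    by_stream = defaultdict(list)
    for stream_id, seq, length in segments:
        if length > 0:                          # pure ACKs carry no data
            by_stream[stream_id].append((seq, seq + length))

    lost = {}
    for stream_id, ranges in by_stream.items():
        ranges.sort()                           # undo out-of-order capture
        missing = 0
        covered_to = ranges[0][0]               # end of contiguous data so far
        for start, end in ranges:
            if start > covered_to:              # hole: bytes never captured
                missing += start - covered_to
            covered_to = max(covered_to, end)   # retransmits/overlaps add nothing
        lost[stream_id] = missing
    return lost

# Constructed sample segments (documentation addresses, not real traffic).
SAMPLE = [
    ("10.0.0.5:49152->192.0.2.10:80", 1, 100),
    ("10.0.0.5:49152->192.0.2.10:80", 201, 100),    # arrived out of order
    ("10.0.0.5:49152->192.0.2.10:80", 101, 100),
    ("10.0.0.5:49152->192.0.2.10:80", 101, 100),    # retransmission
    ("10.0.0.5:49152->192.0.2.10:80", 401, 50),     # bytes 301-400 missing
    ("10.0.0.7:50000->192.0.2.20:443", 1, 1460),
    ("10.0.0.7:50000->192.0.2.20:443", 2921, 1460), # bytes 1461-2920 missing
    ("10.0.0.7:50000->192.0.2.20:443", 4381, 0),    # pure ACK, ignored
]

if __name__ == "__main__":
    for stream, missing in lost_bytes_per_stream(SAMPLE).items():
        print(f"{stream}: {missing} bytes lost")
```

A stream with a non-zero count has gaps in the capture, so any payload reconstructed from it is incomplete and should be treated accordingly during an investigation.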

Network artifacts are important when there are many assets you want to investigate. An incident responder will definitely ask for a network traffic capture, and may also need a network diagram to understand where the suspicious or compromised host is located and which systems it is connected to.

There are several advantages to using CapAnalysis, one of which is the ability to filter the data based on your findings and investigation. The country connections and the list of IPs in the destination field help you find out whether a host is part of a botnet or is infected and controlled by a remote system.

You can read more and download this tool over here: https://www.capanalysis.net/ca/
