CAPLOADER- Tool to handle large amounts of network traffic

PCAP files are important during investigation of a network based incidents, this to find out and resolve any network issue such as a malicious scan or a DoS attack against your services. CAPLOADER is a tool that will help in analyzing a large amounts of captured traffic in PCAP/PcapNG files.

The tool will list each packet with content and classify them according to their protocol whether TCP or UDP based. it will be also possible to export the analyzed data to Wireshark or NetworkMiner. CAPLOADER allow to drag and drop the pcap file next you select the flow you need to analyze.

CapLoader 1CAPLOADER screenshot (click to enlarge)

CAPLOADER allows to have the source/destination IP address the transport  and when the connection initiated/closed, the duration of the connection. it will be possible to select the IP you need to investigate or ports you are focusing on. There is also a possibility to search by keyword for large files and open a file from a URL link if it exist in a cloud storage.This will be also important to find the non standard connections during a malware analyses that you detect from your honeypot or IDS.

You can download the tool over this link: http://www.netresec.com/?page=CapLoader#trial

Share