Tag Archives: Network Forensics

NetDude – Network Dump data Displayer

NetDude Network Dump data Displayer and Editor is a framework for inspection, analysis and manipulation of tcpdump trace files.

Moloch – PCAP capturing, Indexing and Database System

Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access.

LiveTcpUdpWatch – Displays live TCP and UDP Activity

LiveTcpUdpWatch is a tool for Windows that displays live information about all TCP and UDP activity on your system.

CapAnalysis – Network Forensic Tool

CapAnalysis is a web visual tool for information security specialists, system administrators and everyone who needs to analyze large amounts of captured network traffic.

Xplico – Network Forensic Analysis Tool

Network artifact collection is extremely important when you are looking to investigate a security intrusion reported by external entity such as ISP, CERT or CSIRT. Network evidence may include network logs, network pcap files and the source IP these are