pcapfex
Packet CAPture Forensic Evidence eXtractor (pcapfex) is a tool developed by Viktor Winkelmann as part of a bachelor thesis, designed to find and extract files from packet capture files. The tool's ease of use allows users to provide a pcap-file and receive a structured export of all files found in it, even if non-standard protocols were used. pcapfex offers a plugin-system for Python developers to easily add more file-types, encodings, or complex protocols. It is developed and tested for Linux environments, depends on Python 2.7 and the dpkt package, and optionally benefits from the regex package for better performance in multithreaded search for file objects.
FEATURES
ALTERNATIVES
Digital investigation tool for extracting forensic data from computers and managing investigations.
A reliable end-to-end DFIR solution for boosting cyber incident response and forensics capacity.
Recover event log entries from an image by heuristically looking for record structures.
A cross-platform registry hive editor for forensic analysis with advanced features like hex viewer and reporting engine.
Yara pattern matching tool for forensic investigations with predefined rules for magic headers in files and raw images.
Truehunter is a tool designed to detect encrypted containers with a focus on Truecrypt and Veracrypt, utilizing a fast and memory efficient approach.
A digital investigation platform for parsing, searching, and visualizing evidences with advanced analytics capabilities.
Documentation project for Digital Forensics Artifact Repository
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.