PcapXray is a network forensics tool designed to visualize a packet capture offline as a network diagram, highlighting important communication, device identification, and file extraction. The tool aims to speed up the investigation process by providing a detailed network diagram with features such as web traffic details, Tor traffic identification, possible malicious traffic, and data obtained from packets.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.
A library and set of tools for accessing and analyzing storage media devices and partitions for forensic analysis and investigation.
A library for accessing and parsing Windows NT Registry File (REGF) format files, designed for digital forensics and registry analysis applications.
A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.
Stegextract is a Bash script that extracts hidden files and strings from images, supporting PNG, JPG, and GIF formats.
TestDisk is a free data recovery software that can recover lost partitions and undelete files from various file systems.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
A library for read-only access to QEMU Copy-On-Write (QCOW) image files, supporting multiple versions and compression formats for digital forensics analysis.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.