Projects / NetXtract

NetXtract

Xtract attempts to demonstrate how Wireshark's powerful network traffic analysis capabilities can be combined with the file carving capabilities of programs such as Foremost and NetworkMiner in a manner that is portable and extensible (hence the choice of Perl). Specifically, it offers automated extraction of network stream sessions; visualization of networks via GraphViz; and integration of file carving capability. The scripts are intended as a proof-of-concept for how tedious tasks of reassembling TCP/UDP streams from network capture files and file carving based on these streams can be automated.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  23 Dec 2011 23:26

    Release Notes: Protocol name hashing has been moved to the configuration file xtract.conf. Various issues concerning link diagram generation have been resolved. A basic carver for exe files has been added, but has not been rigorously stress tested, so the authors would appreciate any feedback on it.

    Screenshot

    Project Spotlight

    OpenStack4j

    A Fluent OpenStack client API for Java.

    Screenshot

    Project Spotlight

    TurnKey TWiki Appliance

    A TWiki appliance that is easy to use and lightweight.