CapAnalysis is a freeware toolset that performs a variety of tasks, similar to Xplico. CapAnalysis allows incident response analysts to review large packet capture files and parse out TCP, UDP, and ESP streams. Analysts can also filter out IP addresses, ports, and protocols, and tie data flows to specific geographical areas.

CapAnalysis can be downloaded from the site The download package contains an installer. Simply click on the Install button and the package will install.

Once installed, navigate to http://localhost:9877. From here, analysts can configure a password ...
