Chapter 10: Analysis with Xplico
Xplico is an open-source, GUI-based Network Forensics Analysis Tool (NFAT) that focuses on extracting artifacts from network and internet captures.
Network and internet traffic can be captured directly in Xplico using its live acquisition feature, or with tools within Kali Linux, such as Wireshark and Ettercap. These captures are saved as .pcap (packet capture) files, which are then uploaded to Xplico and decoded automatically using its IP decoder and decoder manager components.
In this chapter, we'll cover the following topics:
- Installing Xplico in Kali Linux
- Starting Xplico in DEFT Linux
- Packet capture analysis using Xplico
- Network activity analysis using Xplico
Software ...
Get Digital Forensics with Kali Linux - Second Edition now with the O’Reilly learning platform.