pcapfex: finds and extracts files from packet capture files
pcapfex
‘Packet CAPture Forensic Evidence eXtractor’ is a tool that finds and extracts files from packet capture files.
It was developed by Viktor Winkelmann as part of a bachelor thesis.
The power of pcapfex lies in its ease of use. You only provide it with a pcap file and are rewarded with a structured export of all files found in it. pcapfex allows data extraction even if non-standard protocols were used. Its easy-to-understand plugin system offers Python developers a quick way to add more file types, encodings or even complex protocols.
Install
git clone https://github.com/vikwin/pcapfex.git
sudo pip install dpkt
sudo pip install regex
Use
Copyright (C) 2015 vikwin
Source: https://github.com/vikwin/