Product Details

Netfox Detective - Nástroj pro forenzní analýzu síťové komunikace

Created: 2015

English title
Netfox Detective - a network forensics tool for analyzing network traffic
Type
software
License
required - free
Authors
Keywords

network forensics, processing captured traffic, application protocol parsing, content extraction

Description

NFX Detective is a novel network forensic analysis tool that implements methods for extracting application content from communication that uses supported protocols. The implemented functionality includes:

  • Analysis project management that makes it possible to analyze multiple PCAPs in a single session. Support for large PCAP files, up to hundreds of GB.
  • Advanced visualization using different views at various levels of detail, from an overview to detailed information about every single packet.
  • A collection of parsers and content extraction methods for the most used application protocols.
  • Filtering and full-text search in captured traffic.

NFX Detective is an extensible platform that can be customized to individual requirements:

  • New extraction modules can be created for other application protocols. This is done using a protocol specification language together with an implementation of the data transformation and a new user view to present the extracted data.
  • Extension of the system with user-defined analytical methods. NFX Detective employs an open data model that can be accessed or easily modified.
  • Definition of new views on the data. Data are stored in a NoSQL database and can be efficiently accessed through a well-defined interface.