Xplico Description
Xplico can be found in the following distributions of digital forensics or penetration testing: Kali Linix (BackTrack, DEFT), Security Onion (Matriux), Security Onion (BackBox), CERT Forensics Tools Pentoo, CERT-Toolkit, DEFT, Security Onion and Security Onion). Multiple users can simultaneously access Xplico. Each user can manage one or several Cases. The UI is a Web User Interface. Its backend DB can either be SQLite or MySQL. Xplico can also be used as a Cloud Network Forensic Analysis tool. Xplico's goal is to extract from internet traffic the applications data. Xplico can extract each email (POP and SMTP protocols), each HTTP content, each VoIP call (SIP), FTP and TFTP) from a pcap. Xplico doesn't perform network protocol analysis. Xplico (an open-source Network Forensic Analysis Tool, NFAT) is a network protocol analyzer. Each data reassembled with Xplico is associated with an XML file which uniquely identifies the flows as well as the pcap containing that data.