:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
GNU General Public License v2.0
Added Sqlite DB functionality for packet data and pcap session loading. #70
Technica has added Sqlite db functionality for the packet data and a prototype for the destination hosts was also added, though not used/tested.
This version is also capable of loading previously analyzed pcap data sessions, based on the name of the pcap file/sqlite db file.
There is a bug in this version to be noted. The device information that is used during visualization is not persisted in the database, but kept in Global Memory which is erased when the application is closed. If the same PCAP is analyzed again, the data is pulled from the Sqlite database but the analyze portion is skipped so the device information will be missing.
on-behalf-of: @org github@technicacorp.com
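An added example, not code from this pull request or from PcapXray: one way to avoid the reload gap described above is to store device information in the same SQLite file as the packet rows and to treat a cache without it as incomplete, so the analysis step is not skipped. The table, column and function names are hypothetical, and the sample rows are constructed.

```python
import sqlite3

# Hypothetical schema: packet rows, device info, and a completeness marker.
SCHEMA = """
CREATE TABLE IF NOT EXISTS packets (session TEXT, src TEXT, dst TEXT, dport INTEGER);
CREATE TABLE IF NOT EXISTS devices (mac TEXT PRIMARY KEY, ip TEXT, vendor TEXT);
CREATE TABLE IF NOT EXISTS meta (key TEXT PRIMARY KEY, value TEXT);
"""

# Constructed sample data (documentation address ranges).
SAMPLE_PACKETS = [
    ("192.0.2.10/198.51.100.5/443", "192.0.2.10", "198.51.100.5", 443),
    ("192.0.2.10/198.51.100.9/53", "192.0.2.10", "198.51.100.9", 53),
]
SAMPLE_DEVICES = [("00:00:5e:00:53:01", "192.0.2.10", "ExampleVendor")]


def open_db(path=":memory:"):
    """Open (or create) the per-pcap session database."""
    conn = sqlite3.connect(path)
    conn.executescript(SCHEMA)
    return conn


def save_analysis(conn, packets, devices):
    """Persist packets and device info in one transaction, then mark it complete."""
    with conn:  # commits on success, rolls back on error
        conn.executemany("INSERT INTO packets VALUES (?, ?, ?, ?)", packets)
        conn.executemany("INSERT OR REPLACE INTO devices VALUES (?, ?, ?)", devices)
        conn.execute("INSERT OR REPLACE INTO meta VALUES ('devices_saved', '1')")


def load_analysis(conn):
    """Return (packets, devices), or None when the cache lacks device info
    and the pcap has to be analyzed again instead of being skipped."""
    done = conn.execute("SELECT value FROM meta WHERE key = 'devices_saved'").fetchone()
    if done is None:
        return None
    packets = conn.execute("SELECT session, src, dst, dport FROM packets").fetchall()
    devices = conn.execute("SELECT mac, ip, vendor FROM devices ORDER BY mac").fetchall()
    return packets, devices


if __name__ == "__main__":
    db = open_db()
    print("cached:", load_analysis(db))       # None -> run the analysis
    save_analysis(db, SAMPLE_PACKETS, SAMPLE_DEVICES)
    print("cached:", load_analysis(db))       # packets and devices restored
```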