Open Source Forensic Tools
Tool Name | tcpflow
Description | tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being transmitted. In contrast, tcpflow reconstructs the actual data streams and stores each flow in a separate file for later analysis.
Operating System | Windows
Link | http://www.circlemud.org/~jelson/software/tcpflow/