Open Source Forensic Tools

Tool Name: tcpflow
Description: tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being transmitted. In contrast, tcpflow reconstructs the actual data streams and stores each flow in a separate file for later analysis.
Operating System: Windows
Link: http://www.circlemud.org/~jelson/software/tcpflow/
