xplico - Internet traffic decoder and network forensic analysis tool
The goal of Xplico is to extract the application data contained
in an Internet traffic capture. For example, from a pcap file Xplico
extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents,
each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network
protocol analyzer. Xplico is an open source Network Forensic Analysis Tool
by Lawrence R. Rogers (2017-11-13):
* Release 1.2.1-1
Mehmet D. İNCE from invictuseurope.com discovered several
vulnerabilities related to the Xplico software. He identified three
different vulnerabilities, two classified as “High severity”
and one as “Medium severity”. The number assigned for this
vulnerability of Xplico is CVE-2017-16666. More details here.
Thanks to Mehmet’s detailed report and the collaboration
of Mehmet and of Doug Burks of Security Onion Solutions,
the vulnerabilities have been resolved.
This release fixes these issues. It is strongly recommended to
upgrade your Xplico installations.
Thanks again to Mehmet D. İNCE and to Doug Burks.
by Lawrence R. Rogers (2017-09-27):
* Release 1.2.0-4
Added missing README.md file
by Lawrence R. Rogers (2017-08-04):
* Release 1.2.0-3
Recompiled for new version of nDPI (2.1)
by Lawrence R. Rogers (2017-01-18):
* Release 1.2.0-1
* This is the 1.2.0 version.
* Migration from PHP5 to PHP7
* CakePHP 2.8
* IMAP bug fix
* Bugfix: reported on Security Onion
* IPv4 defragmentation
* CapAnalysis dissectors and dispatcher
by Lawrence R. Rogers (2016-12-07):
* Release 1.1.1-6
* Created pyc files for Fedora 24 from the 1.1.2 distribution.
by Lawrence R. Rogers (2016-10-24):
* Release 1.1.1-5
* The PHP configuration is now also in the start and stop code.
by Lawrence R. Rogers (2016-07-09):
* Release 1.1.1-2
* Recompiled for nDPI-1.8.
by Lawrence R. Rogers (2015-11-09):
* Release 1.1.1-1
* WhatsApp OS and phone number
* Added MGCP dissector
* IMAP bug fixed
* Updated for nDPI-1.7.0.