pcapfex

#Incident Management #Digital Forensics

Packet CAPture Forensic Evidence eXtractor: A Tool for File Extraction

Packet CAPture Forensic Evidence eXtractor (pcapfex) is a specialized tool created by Viktor Winkelmann as part of a bachelor thesis. This tool is designed to locate and extract files from packet capture files, making it easier to analyze network traffic.

The tool's user-friendly interface

The tool's user-friendly interface lets users upload a pcap file and receive a well-organized export of all files detected within it, even if non-standard protocols were used. pcapfex provides a plugin system that lets Python developers easily add further file types, encodings, or complex protocols.

Developed and Tested for Linux Environments

This application is developed and tested specifically for Linux environments. It relies on Python 2.7 and the dpkt package. It can optionally use the regex package to improve performance during multithreaded searches for file objects.