Description: Tcpxtract is a tool for extracting files from network traffic based on file signatures. Extracting files based on file type headers and footers (sometimes called "carving") is an age-old data recovery technique. Tools like Foremost employ this technique to recover files from arbitrary data streams. Tcpxtract applies it specifically to intercepting files transmitted across a network. Other tools that fill a similar need are driftnet and EtherPEG, which monitor and extract graphic files on a network and are commonly used by network administrators to police the internet activity of their users. The major limitation of driftnet and EtherPEG is that they only support three file types, with no easy way of adding more. The search technique they use is also not scalable and does not search across packet boundaries.
Credits : http://tcpxtract.sourceforge.net/
This video is a simple demo of how to use Tcpxtract to extract data from network traffic. In the video, Wireshark is first used to capture the network traffic. Tcpxtract is then used to extract some images from the traffic captured by Wireshark.
Source : krotouyy from Youtube
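The header/footer carving described above, and why it has to carry state across packet boundaries, shown as an added example (not Tcpxtract's own code or anything from the video). The class and function names, the two-signature table and the size cap are assumptions made for illustration; the sample stream is constructed.

```python
# Added example: streaming header/footer carving across packet payloads.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
}
MAX_FILE = 1_000_000  # assumed cap on the size of one carved file

class StreamCarver:
    def __init__(self, signatures=SIGNATURES, max_file=MAX_FILE):
        self.sigs, self.max_file = signatures, max_file
        # Longest header minus one byte: the most a split header can leave behind.
        self.keep = max(len(h) for h, _ in signatures.values()) - 1
        self.buf = bytearray()
        self.active = None  # file type currently being carved, if any

    def feed(self, payload):
        """Consume one payload; return the (type, bytes) files it completed."""
        self.buf += payload
        done = []
        while True:
            if self.active is None:
                hits = [(self.buf.find(h), n) for n, (h, _) in self.sigs.items()]
                hits = [hit for hit in hits if hit[0] >= 0]
                if not hits:
                    # No header yet: keep only a tail that may start one.
                    del self.buf[:max(0, len(self.buf) - self.keep)]
                    return done
                pos, self.active = min(hits)  # earliest header wins
                del self.buf[:pos]
            header, footer = self.sigs[self.active]
            end = self.buf.find(footer, len(header))
            if end < 0:
                if len(self.buf) <= self.max_file:
                    return done  # footer not seen yet, wait for more data
                del self.buf[:len(header)]  # oversized: drop header, rescan
            else:
                done.append((self.active, bytes(self.buf[:end + len(footer)])))
                del self.buf[:end + len(footer)]
            self.active = None

def carve(payloads):
    carver = StreamCarver()
    return [f for p in payloads for f in carver.feed(p)]

# Constructed sample: two tiny fake files in one stream, cut into 5-byte "packets".
JPG = b"\xff\xd8\xff\xe0JFIFdata\xff\xd9"
PNG = b"\x89PNG\r\n\x1a\nchunkdataIEND\xaeB`\x82"
STREAM = b"HTTP/1.1 200 OK\r\n\r\n" + JPG + b"noise" + PNG + b"tail"
PACKETS = [STREAM[i:i + 5] for i in range(0, len(STREAM), 5)]
```

In the constructed stream both headers straddle a packet boundary, so a search that looks at each payload on its own finds neither file, while `carve(PACKETS)` recovers both. The first matching footer ends a file, which is the usual limitation of pure header/footer carving.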
Tags: Tcpxtract
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
This tool uses libpcap, a popular, portable and stable library for network data capture.
Fast and very scalable tool.
You can try driftnet also.
Nice tool for capturing traffic.
I think for all this work Wireshark is the best tool.