Xplico
Open Source Network Forensic Analysis Tool (NFAT)

Xplico is an open-source network forensic analysis tool (NFAT) that extracts and reconstructs application-layer data from captured network traffic. It supports a wide range of protocols including HTTP, SIP, IMAP, POP, SMTP, and more, and provides a web-based interface backed by SQLite, MySQL, or PostgreSQL. It is included in major digital forensics and penetration testing distributions such as Kali Linux, DEFT, and Security Onion.
Xplico decodes captured network packets using a Decoder Manager and IP decoder, then reconstructs application-layer data which is viewable through a multi-user web interface.
digital forensics investigators, penetration testers, and security researchers
Background.
- Status
- launched
- Business model
- open-source
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.