Visit
Xplico screenshot
/ About /

Xplico is an open-source network forensic analysis tool (NFAT) that extracts and reconstructs application-layer data from captured network traffic. It supports a wide range of protocols including HTTP, SIP, IMAP, POP, SMTP, and more, and provides a web-based interface backed by SQLite, MySQL, or PostgreSQL. It is included in major digital forensics and penetration testing distributions such as Kali Linux, DEFT, and Security Onion.

/ How it works /

Xplico decodes captured network packets using a Decoder Manager and IP decoder, then reconstructs application-layer data which is viewable through a multi-user web interface.

/ Who it's for /

digital forensics investigators, penetration testers, and security researchers

/ More info /

Background.

Status
launched
Business model
open-source
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Security

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.