SlideShare a Scribd company logo

Wireless Investigations using Xplico

Download as PPTX, PDF
Chris Harrington
Chris Harrington

A quick guide using Xplico for wireless investigations. Xplico analyzes a capture file taken from a suspect's wireless and performs carving techniques to extract artifacts.

Technology
1 of 18
For forensics investigation Basic usage guide By Chris Harrington
 Linux OS ◦ Kali (used for this test) ◦ Backtrack ◦ Others will work too  Installed Applications ◦ Xplico ◦ Apache  CAPTURE file from suspect’s wireless
 Open a terminal window and type: /etc/init.d/apache2 start
 Start Xplico services /etc/init.d/xplico start
 Navigate to http://localhost:9876 Xplico listens on port 9876 by default
 Default username and password  Username: xplico  Password: xplico
 After logging in, the case overview shows  Create a new case
 Specify a case name and create the case
 The new case is shown here in case overview  Click on the new case to enter it
 Within the Case Overview is the Sessions overview. Sessions are Capture files linked to the case  Click New Session
 Enter the session name
 The new session is shown and click on it to enter it
 This page shows artifacts found in previous CAPTURE files. Click browse and upload the suspect’s CAPTURE file
 It may take time depending on the size of your CAPTURE file to finish decoding and searching for artifacts
 The overview shows which artifacts were found. Use the menu on the left to navigate through them
 Websites visited that were found and extracted
 Xplico offers quick and easy packet analysis.  Other data that can be extracted: ◦ RTP and SIP streams ◦ Emails ◦ Images ◦ And much more  Always a good idea to run other carving tools on the CAPTURE file
 My contact details  C.k.harrington@gmail.com

Recommended

File handling in vb.net
File handling in vb.netFile handling in vb.net
File handling in vb.netEverywhere
 
JAVA GUI PART I
JAVA GUI PART IJAVA GUI PART I
JAVA GUI PART IOXUS 20
 
Malware- Types, Detection and Future
Malware- Types, Detection and FutureMalware- Types, Detection and Future
Malware- Types, Detection and Futurekaranwayne
 
Hunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentHunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentTeymur Kheirkhabarov
 
A Threat Hunter Himself
A Threat Hunter HimselfA Threat Hunter Himself
A Threat Hunter HimselfSergey Soldatov
 
Linux security
Linux securityLinux security
Linux securitytrilokchandra prakash
 
ColdFusion for Penetration Testers
ColdFusion for Penetration TestersColdFusion for Penetration Testers
ColdFusion for Penetration TestersChris Gates
 
Linux booting process - Linux System Administration
Linux booting process - Linux System AdministrationLinux booting process - Linux System Administration
Linux booting process - Linux System AdministrationSreenatha Reddy K R
 

Recommended

File handling in vb.net
File handling in vb.netFile handling in vb.net
File handling in vb.netEverywhere
 
JAVA GUI PART I
JAVA GUI PART IJAVA GUI PART I
JAVA GUI PART IOXUS 20
 
Malware- Types, Detection and Future
Malware- Types, Detection and FutureMalware- Types, Detection and Future
Malware- Types, Detection and Futurekaranwayne
 
Hunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentHunting for Credentials Dumping in Windows Environment
Hunting for Credentials Dumping in Windows EnvironmentTeymur Kheirkhabarov
 
A Threat Hunter Himself
A Threat Hunter HimselfA Threat Hunter Himself
A Threat Hunter HimselfSergey Soldatov
 
Linux security
Linux securityLinux security
Linux securitytrilokchandra prakash
 
ColdFusion for Penetration Testers
ColdFusion for Penetration TestersColdFusion for Penetration Testers
ColdFusion for Penetration TestersChris Gates
 
Linux booting process - Linux System Administration
Linux booting process - Linux System AdministrationLinux booting process - Linux System Administration
Linux booting process - Linux System AdministrationSreenatha Reddy K R
 
LTEC 2013 - EnCase v7.08.01 presentation
LTEC 2013 - EnCase v7.08.01 presentation LTEC 2013 - EnCase v7.08.01 presentation
LTEC 2013 - EnCase v7.08.01 presentation Damir Delija
 
Registry forensics
Registry forensicsRegistry forensics
Registry forensicsPrince Boonlia
 
Alfresco DevCon 2019 Performance Tools of the Trade
Alfresco DevCon 2019 Performance Tools of the TradeAlfresco DevCon 2019 Performance Tools of the Trade
Alfresco DevCon 2019 Performance Tools of the TradeLuis Colorado
 
MindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat SheetMindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat SheetJuan F. Padilla
 
IP tables and Filtering
IP tables and FilteringIP tables and Filtering
IP tables and FilteringAisha Talat
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLFn|u - The Open Security Community
 
Password Cracking
Password CrackingPassword Cracking
Password CrackingSagar Verma
 
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)CODE WHITE GmbH
 
Kali Linux Installation - VMware
Kali Linux Installation - VMwareKali Linux Installation - VMware
Kali Linux Installation - VMwareRonan Dunne, CEH, SSCP
 
Snort IDS/IPS Basics
Snort IDS/IPS BasicsSnort IDS/IPS Basics
Snort IDS/IPS BasicsMahendra Pratap Singh
 
Ch 3 event driven programming
Ch 3 event driven programmingCh 3 event driven programming
Ch 3 event driven programmingChaffey College
 
Firewall and its configuration
Firewall and its configurationFirewall and its configuration
Firewall and its configurationMuhammad Baqar Kazmi
 
PowerShell for Penetration Testers
PowerShell for Penetration TestersPowerShell for Penetration Testers
PowerShell for Penetration TestersNikhil Mittal
 
Bug Bounty for - Beginners
Bug Bounty for - BeginnersBug Bounty for - Beginners
Bug Bounty for - BeginnersHimanshu Kumar Das
 
Pentest with Metasploit
Pentest with MetasploitPentest with Metasploit
Pentest with MetasploitM.Syarifudin, ST, OSCP, OSWP
 
Basic command ppt
Basic command pptBasic command ppt
Basic command pptRohit Kumar
 
Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling Ahmed El-Arabawy
 
Ftk install guide
Ftk install guideFtk install guide
Ftk install guideParisutham Institute of Technology & Science
 
Memory forensics
Memory forensicsMemory forensics
Memory forensicsSunil Kumar
 
certified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdfcertified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdfinfosec train
 
Eyeing the Onion
Eyeing the OnionEyeing the Onion
Eyeing the Onionbsidesaugusta
 
Giga vue hb1 event rolling presentation-final-1
Giga vue hb1 event rolling presentation-final-1Giga vue hb1 event rolling presentation-final-1
Giga vue hb1 event rolling presentation-final-1Christopher Lee
 

More Related Content

What's hot

LTEC 2013 - EnCase v7.08.01 presentation
LTEC 2013 - EnCase v7.08.01 presentation LTEC 2013 - EnCase v7.08.01 presentation
LTEC 2013 - EnCase v7.08.01 presentation Damir Delija
 
Alfresco DevCon 2019 Performance Tools of the Trade
Alfresco DevCon 2019 Performance Tools of the TradeAlfresco DevCon 2019 Performance Tools of the Trade
Alfresco DevCon 2019 Performance Tools of the TradeLuis Colorado
 
MindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat SheetMindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat SheetJuan F. Padilla
 
IP tables and Filtering
IP tables and FilteringIP tables and Filtering
IP tables and FilteringAisha Talat
 
Password Cracking
Password CrackingPassword Cracking
Password CrackingSagar Verma
 
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)CODE WHITE GmbH
 
Ch 3 event driven programming
Ch 3 event driven programmingCh 3 event driven programming
Ch 3 event driven programmingChaffey College
 
PowerShell for Penetration Testers
PowerShell for Penetration TestersPowerShell for Penetration Testers
PowerShell for Penetration TestersNikhil Mittal
 
Basic command ppt
Basic command pptBasic command ppt
Basic command pptRohit Kumar
 
Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling Ahmed El-Arabawy
 
Memory forensics
Memory forensicsMemory forensics
Memory forensicsSunil Kumar
 
certified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdfcertified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdfinfosec train
 

What's hot (20)

LTEC 2013 - EnCase v7.08.01 presentation
LTEC 2013 - EnCase v7.08.01 presentation LTEC 2013 - EnCase v7.08.01 presentation
LTEC 2013 - EnCase v7.08.01 presentation
 
Registry forensics
Registry forensicsRegistry forensics
Registry forensics
 
Alfresco DevCon 2019 Performance Tools of the Trade
Alfresco DevCon 2019 Performance Tools of the TradeAlfresco DevCon 2019 Performance Tools of the Trade
Alfresco DevCon 2019 Performance Tools of the Trade
 
MindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat SheetMindMap - Forensics Windows Registry Cheat Sheet
MindMap - Forensics Windows Registry Cheat Sheet
 
IP tables and Filtering
IP tables and FilteringIP tables and Filtering
IP tables and Filtering
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Password Cracking
Password CrackingPassword Cracking
Password Cracking
 
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)
Java Deserialization Vulnerabilities - The Forgotten Bug Class (RuhrSec Edition)
 
Kali Linux Installation - VMware
Kali Linux Installation - VMwareKali Linux Installation - VMware
Kali Linux Installation - VMware
 
Snort IDS/IPS Basics
Snort IDS/IPS BasicsSnort IDS/IPS Basics
Snort IDS/IPS Basics
 
Ch 3 event driven programming
Ch 3 event driven programmingCh 3 event driven programming
Ch 3 event driven programming
 
Firewall and its configuration
Firewall and its configurationFirewall and its configuration
Firewall and its configuration
 
PowerShell for Penetration Testers
PowerShell for Penetration TestersPowerShell for Penetration Testers
PowerShell for Penetration Testers
 
Bug Bounty for - Beginners
Bug Bounty for - BeginnersBug Bounty for - Beginners
Bug Bounty for - Beginners
 
Pentest with Metasploit
Pentest with MetasploitPentest with Metasploit
Pentest with Metasploit
 
Basic command ppt
Basic command pptBasic command ppt
Basic command ppt
 
Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling Course 102: Lecture 12: Basic Text Handling
Course 102: Lecture 12: Basic Text Handling
 
Ftk install guide
Ftk install guideFtk install guide
Ftk install guide
 
Memory forensics
Memory forensicsMemory forensics
Memory forensics
 
certified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdfcertified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdf
 

Viewers also liked

Giga vue hb1 event rolling presentation-final-1
Giga vue hb1 event rolling presentation-final-1Giga vue hb1 event rolling presentation-final-1
Giga vue hb1 event rolling presentation-final-1Christopher Lee
 
Security Onion: peeling back the layers of your network in minutes
Security Onion: peeling back the layers of your network in minutesSecurity Onion: peeling back the layers of your network in minutes
Security Onion: peeling back the layers of your network in minutesbsidesaugusta
 
Gigamon 1Q15 Investor Relations Presentation
Gigamon 1Q15 Investor Relations PresentationGigamon 1Q15 Investor Relations Presentation
Gigamon 1Q15 Investor Relations PresentationInvestorRelations
 
Detecting Malicious SSL Certificates Using Bro
Detecting Malicious SSL Certificates Using BroDetecting Malicious SSL Certificates Using Bro
Detecting Malicious SSL Certificates Using BroAndrew Beard
 
Optimizing your google local listing for search
Optimizing your google local listing for searchOptimizing your google local listing for search
Optimizing your google local listing for searchWebFX
 
Visibility and Automation for Enhanced Security
Visibility and Automation for Enhanced SecurityVisibility and Automation for Enhanced Security
Visibility and Automation for Enhanced Securitypatmisasi
 
Harnessing the Power of Metadata for Security
Harnessing the Power of Metadata for SecurityHarnessing the Power of Metadata for Security
Harnessing the Power of Metadata for SecurityJohn Pollack
 

Viewers also liked (8)

Eyeing the Onion
Eyeing the OnionEyeing the Onion
Eyeing the Onion
 
Giga vue hb1 event rolling presentation-final-1
Giga vue hb1 event rolling presentation-final-1Giga vue hb1 event rolling presentation-final-1
Giga vue hb1 event rolling presentation-final-1
 
Security Onion: peeling back the layers of your network in minutes
Security Onion: peeling back the layers of your network in minutesSecurity Onion: peeling back the layers of your network in minutes
Security Onion: peeling back the layers of your network in minutes
 
Gigamon 1Q15 Investor Relations Presentation
Gigamon 1Q15 Investor Relations PresentationGigamon 1Q15 Investor Relations Presentation
Gigamon 1Q15 Investor Relations Presentation
 
Detecting Malicious SSL Certificates Using Bro
Detecting Malicious SSL Certificates Using BroDetecting Malicious SSL Certificates Using Bro
Detecting Malicious SSL Certificates Using Bro
 
Optimizing your google local listing for search
Optimizing your google local listing for searchOptimizing your google local listing for search
Optimizing your google local listing for search
 
Visibility and Automation for Enhanced Security
Visibility and Automation for Enhanced SecurityVisibility and Automation for Enhanced Security
Visibility and Automation for Enhanced Security
 
Harnessing the Power of Metadata for Security
Harnessing the Power of Metadata for SecurityHarnessing the Power of Metadata for Security
Harnessing the Power of Metadata for Security
 

Similar to Wireless Investigations using Xplico

The best defense is a good offense (April 2013 Presentation to Atlantic HTCIA...
The best defense is a good offense (April 2013 Presentation to Atlantic HTCIA...The best defense is a good offense (April 2013 Presentation to Atlantic HTCIA...
The best defense is a good offense (April 2013 Presentation to Atlantic HTCIA...Andrew Kozma
 
Wi fi hacking using fluxion in kali linux
Wi fi hacking using fluxion in kali linuxWi fi hacking using fluxion in kali linux
Wi fi hacking using fluxion in kali linuxTejasKore3
 
Ransomware Teslacrypt Uncovered - Malware Analysis
Ransomware Teslacrypt Uncovered - Malware AnalysisRansomware Teslacrypt Uncovered - Malware Analysis
Ransomware Teslacrypt Uncovered - Malware AnalysisThomas Roccia
 
Tool Development 03 - File I/O
Tool Development 03 - File I/OTool Development 03 - File I/O
Tool Development 03 - File I/ONick Pruehs
 
Report on forensics tools
Report on forensics toolsReport on forensics tools
Report on forensics toolsVishnuPratap7
 
Securing your Kubernetes applications
Securing your Kubernetes applicationsSecuring your Kubernetes applications
Securing your Kubernetes applicationsNéstor Salceda
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitationprimeteacher32
 
Enabling SSL Elasticsearch on server
Enabling SSL Elasticsearch on serverEnabling SSL Elasticsearch on server
Enabling SSL Elasticsearch on serverOmkar Rane
 
Installation of OpenBiblio on Windows XP using EasyPHP
Installation of OpenBiblio on Windows XP using EasyPHPInstallation of OpenBiblio on Windows XP using EasyPHP
Installation of OpenBiblio on Windows XP using EasyPHPRupesh Kumar
 
Advanced Malware Analysis Training Session 7 - Malware Memory Forensics
Advanced Malware Analysis Training Session 7 - Malware Memory ForensicsAdvanced Malware Analysis Training Session 7 - Malware Memory Forensics
Advanced Malware Analysis Training Session 7 - Malware Memory Forensicssecurityxploded
 
18IF004_CNS.docx
18IF004_CNS.docx18IF004_CNS.docx
18IF004_CNS.docxRajAmbere1
 
First Responders Course - Session 7 - Incident Scope Assessment [2004]
First Responders Course - Session 7 - Incident Scope Assessment [2004]First Responders Course - Session 7 - Incident Scope Assessment [2004]
First Responders Course - Session 7 - Incident Scope Assessment [2004]Phil Huggins FBCS CITP
 
Cyber Security and Ethical Hacking Presentation
Cyber Security and Ethical Hacking PresentationCyber Security and Ethical Hacking Presentation
Cyber Security and Ethical Hacking PresentationShubhamGupta833557
 
Setting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloudSetting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloudFernando Lopez Aguilar
 
Encryption Laboratory   Purpose of the Lab   T.docx
Encryption Laboratory   Purpose of the Lab   T.docxEncryption Laboratory   Purpose of the Lab   T.docx
Encryption Laboratory   Purpose of the Lab   T.docxYASHU40
 
BestInFlowCompetitionTutorials03May2023
BestInFlowCompetitionTutorials03May2023BestInFlowCompetitionTutorials03May2023
BestInFlowCompetitionTutorials03May2023Timothy Spann
 
How to export import a mysql database via ssh in aws lightsail wordpress rizw...
How to export import a mysql database via ssh in aws lightsail wordpress rizw...How to export import a mysql database via ssh in aws lightsail wordpress rizw...
How to export import a mysql database via ssh in aws lightsail wordpress rizw...AlexRobert25
 
Examine Evidence PartitionsAnalysis of four small partitions ext.docx
Examine Evidence PartitionsAnalysis of four small partitions ext.docxExamine Evidence PartitionsAnalysis of four small partitions ext.docx
Examine Evidence PartitionsAnalysis of four small partitions ext.docxcravennichole326
 

Similar to Wireless Investigations using Xplico (20)

The best defense is a good offense (April 2013 Presentation to Atlantic HTCIA...
The best defense is a good offense (April 2013 Presentation to Atlantic HTCIA...The best defense is a good offense (April 2013 Presentation to Atlantic HTCIA...
The best defense is a good offense (April 2013 Presentation to Atlantic HTCIA...
 
Wi fi hacking using fluxion in kali linux
Wi fi hacking using fluxion in kali linuxWi fi hacking using fluxion in kali linux
Wi fi hacking using fluxion in kali linux
 
Ransomware Teslacrypt Uncovered - Malware Analysis
Ransomware Teslacrypt Uncovered - Malware AnalysisRansomware Teslacrypt Uncovered - Malware Analysis
Ransomware Teslacrypt Uncovered - Malware Analysis
 
Tool Development 03 - File I/O
Tool Development 03 - File I/OTool Development 03 - File I/O
Tool Development 03 - File I/O
 
Report on forensics tools
Report on forensics toolsReport on forensics tools
Report on forensics tools
 
Securing your Kubernetes applications
Securing your Kubernetes applicationsSecuring your Kubernetes applications
Securing your Kubernetes applications
 
Qtp launch
Qtp launchQtp launch
Qtp launch
 
Introduction to Exploitation
Introduction to ExploitationIntroduction to Exploitation
Introduction to Exploitation
 
Enabling SSL Elasticsearch on server
Enabling SSL Elasticsearch on serverEnabling SSL Elasticsearch on server
Enabling SSL Elasticsearch on server
 
Neutron kilo
Neutron kiloNeutron kilo
Neutron kilo
 
Installation of OpenBiblio on Windows XP using EasyPHP
Installation of OpenBiblio on Windows XP using EasyPHPInstallation of OpenBiblio on Windows XP using EasyPHP
Installation of OpenBiblio on Windows XP using EasyPHP
 
Advanced Malware Analysis Training Session 7 - Malware Memory Forensics
Advanced Malware Analysis Training Session 7 - Malware Memory ForensicsAdvanced Malware Analysis Training Session 7 - Malware Memory Forensics
Advanced Malware Analysis Training Session 7 - Malware Memory Forensics
 
18IF004_CNS.docx
18IF004_CNS.docx18IF004_CNS.docx
18IF004_CNS.docx
 
First Responders Course - Session 7 - Incident Scope Assessment [2004]
First Responders Course - Session 7 - Incident Scope Assessment [2004]First Responders Course - Session 7 - Incident Scope Assessment [2004]
First Responders Course - Session 7 - Incident Scope Assessment [2004]
 
Cyber Security and Ethical Hacking Presentation
Cyber Security and Ethical Hacking PresentationCyber Security and Ethical Hacking Presentation
Cyber Security and Ethical Hacking Presentation
 
Setting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloudSetting up your virtual infrastructure using fi-lab cloud
Setting up your virtual infrastructure using fi-lab cloud
 
Encryption Laboratory   Purpose of the Lab   T.docx
Encryption Laboratory   Purpose of the Lab   T.docxEncryption Laboratory   Purpose of the Lab   T.docx
Encryption Laboratory   Purpose of the Lab   T.docx
 
BestInFlowCompetitionTutorials03May2023
BestInFlowCompetitionTutorials03May2023BestInFlowCompetitionTutorials03May2023
BestInFlowCompetitionTutorials03May2023
 
How to export import a mysql database via ssh in aws lightsail wordpress rizw...
How to export import a mysql database via ssh in aws lightsail wordpress rizw...How to export import a mysql database via ssh in aws lightsail wordpress rizw...
How to export import a mysql database via ssh in aws lightsail wordpress rizw...
 
Examine Evidence PartitionsAnalysis of four small partitions ext.docx
Examine Evidence PartitionsAnalysis of four small partitions ext.docxExamine Evidence PartitionsAnalysis of four small partitions ext.docx
Examine Evidence PartitionsAnalysis of four small partitions ext.docx
 

Recently uploaded

Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 

Recently uploaded (20)

Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 

Wireless Investigations using Xplico

  • 1. For forensics investigation Basic usage guide By Chris Harrington
  • 2.  Linux OS ◦ Kali (used for this test) ◦ Backtrack ◦ Others will work too  Installed Applications ◦ Xplico ◦ Apache  CAPTURE file from suspect’s wireless
  • 3.  Open a terminal window and type: /etc/init.d/apache2 start
  • 4.  Start Xplico services /etc/init.d/xplico start
  • 5.  Navigate to http://localhost:9876 Xplico listens on port 9876 by default
  • 6.  Default username and password  Username: xplico  Password: xplico
  • 7.  After logging in, the case overview shows  Create a new case
  • 8.  Specify a case name and create the case
  • 9.  The new case is shown here in case overview  Click on the new case to enter it
  • 10.  Within the Case Overview is the Sessions overview. Sessions are Capture files linked to the case  Click New Session
  • 11.  Enter the session name
  • 12.  The new session is shown and click on it to enter it
  • 13.  This page shows artifacts found in previous CAPTURE files. Click browse and upload the suspect’s CAPTURE file
  • 14.  It may take time depending on the size of your CAPTURE file to finish decoding and searching for artifacts
  • 15.  The overview shows which artifacts were found. Use the menu on the left to navigate through them
  • 16.  Websites visited that were found and extracted
  • 17.  Xplico offers quick and easy packet analysis.  Other data that can be extracted: ◦ RTP and SIP streams ◦ Emails ◦ Images ◦ And much more  Always a good idea to run other carving tools on the CAPTURE file
  • 18.  My contact details  C.k.harrington@gmail.com