Sunday, January 24, 2010

HTTP session reconstruction

Been wanting to attempt to reconstruct HTTP sessions captured in Pcap files. Stumbled across this tool called "PyFlag". They have this amazing script to automatically download, install and set up "PyFlag" on Ubuntu. It was painless to get up and running. I managed to load Pcap files to "PyFlag" for analysis but wasn't able to reconstruct the HTTP sessions.
I researched for other tools and found "Unsniff". Worked like a charm!!!

No comments:

Post a Comment