CapTipper
{.section info}
Analysis Info
| PCAP File |
Analysis Time |
CapTipper Version |
Traffic Time |
| {pcap_file} |
{analysis_time} |
{captipper_version} |
{traffic_time} |
{.end}
{.section flow}
Flow View
{.end}
{.section client}
Client Details
| IP | {IP} |
| MAC | {MAC} |
{.section USER-AGENT}
| USER-AGENT | {@} |
{.end}
{.section X-FLASH-VERSION}
| X-FLASH-VERSION | {@} |
{.end}
{.end}
Conversations
{.repeated section conversations}
| {name} ({ip}) |
|---|
| ID | URI | RESPONSE TYPE | FILENAME | RESPONSE CODE | MAGIC | SIZE | TIME |
|---|
{.repeated section uris}
{.section exe}
{.or}
{.section binary}
{.or}
{.end}
{.end}
|
|
{id} | {uri} | {res_type} | {filename} | {res_num} | {magic_ext} | {res_len} | {epochtime} |
|
Download
|
|
|
SHA256
|
{sha256}
|
|
Referer
|
{referer}
|
|
Magic
|
{magic_name} ({magic_ext})
|
|
Request
|
{req|html-attr-value}
|
|
Response Header
|
{res_head|html-attr-value}
|
{.section respeek}
|
Response Peek (128 B)
|
{@|html-attr-value}
|
{.end}
{.section hexpeek}
|
HEX Peek (128 B)
|
{@}
|
{.end}
{.section peinfo}
|
PE Info
|
{@}
|
{.end}
{res_base64|html-attr-value}
|
{.or}
No Conversations Found
{.end}
{.or}
(No page content matches)
{.end}