Xplico is installed in the major distributions of digital forensics and penetration testing: Kali Linix, BackTrack, DEFT, Security Onion, Matriux, BackBox, CERT Forensics Tools and Pentoo.
The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, RTP), IRC, MSN…
Xplico is able to classify more than 140 (application) protocols.
Xplico cam be used as sniffer-decoder if used in “live mode” or in conjunction with netsniff-ng.