I'm wondering if there is any way to check for legitimate documents through exported Wireshark files from a .pcap capture. I cannot seem to find much information on partial files or coded files on the internet. I have a total of 1415 files. How would I sift through each one to check for legitimate files? Any information would be appreciated.
What platform are you on? What language do you want to use? What have you tried so far (there is an edit button on the question)? You may want to look at https://stackoverflow.com/help to get a sense of how to ask a question with all the right details. – Ross Jacobs Mar 11 '21 at 19:02
I'm quite new to Wireshark. So far I've extracted all HTTP and SMB files. I just want to check which are partial files or coded. I know some Python and C++. – Sean_K Mar 11 '21 at 23:37