NetForce is a collection of three tools named NeSA, CyberInvestigator and EmailTracer used for Network Forensics. NeSA is used for packet analysis, CyberInvestigator is used for log analysis and EmailTracer is used for email tracing.

NeSA (Network Packet Analysis Tool)

Networks Forensics Tool to capture and analyse network traffic. Data sent through the network can be captured, recreated and exported using this tool.

Data Reconstruction

With the help of flexible and powerful filtering system, data from HTTP, SMTP, POP3 and FTP session can be recreated and visualized in an analysis friendly manner. The tool has built-in data viewers including a Mailview, to help the analyst to concentrate on analysis.

Analysis Modes

NeSA supports both data level and packet level analysis of network data. In data level, the analyst can concentrate on the data and can avoid the nuts and bolts of network protocols. But if he/she wishes to dig deeper, the packet analysis mode is ready to extend its helping hands.

Searching and Filtering

Searching and filtering helps to reach analyst's goals faster. Flexible filter expressions are provided for packet level analysis and for data level analysis. The data level filtering supports filtering based on date, time, IP, MAC and port. The regular expression based searching gives the analyst the full power that he expects from a tool.


Other Features

CyberInvestigator (Log Analysis Tool)

CyberInvestigator is a Network Forensics Tool for log analysis. It involves gathering different kinds of logs available in machines which were compromised in an attack. The analysis involves tracing down the intrusions, usage of network and creating a detailed forensic report. Network Forensic analysts should analyze various type of logs such as Linux, Unix and Windows OS Logs, Web Server Logs, Database Logs, Firewall Logs, IDS Logs, VPN Logs, Router Logs, Proxy Logs, Windows Domain Logs, Wireless Access Point Logs etc. Manual analysis of these logs is very cumbersome and analysts need special tools to efficiently analyze and find out different types of attacks and other types of criminal activities.



EmailTracer is a forensic tool to track email sender's identity. It can be used to trace the sender's details of any email by analyzing its header. The tool is able to analyze email headers collected from web based and local mail programs. EmailTracer gives details of the sending machine including IP address, which is the key point to find the culprit. It also gives geographical location of the sender, route traced by the email etc. It can also be used for retrieving emails and its details from mailbox files of local mail programs like Outlook Express(.dbx), .Microsoft Outlook(.pst), Eudora(.mbx), Pegasus(.cnm), The Bat(.tbb), Netscape Messenger(.nsm), Incredimail(.imm), KMail(MailDir), Mozilla(.mbox) and Windows7 Mail(.eml).

Download Brochure

Contact Details for Techno Commercial Information

Group Head, Cyber Security Group,
CDAC Thiruvananthapuram
email- csg@cdac.in, tpc@cdac.in
Phone : 0471 2781500