Network Forensics Built for Forensic Labs
Packet 360 is an on-premises network forensics and PCAP analysis platform for digital forensic labs, SOC teams, and incident response practitioners. Deep packet inspection, multi-protocol decoding, TCP session reconstruction, and file carving — running entirely on your own infrastructure, with no external data transfer.
🇮🇳 Made in India · On-premises deployment · No external data transfer
Deep PCAP Analysis: From Raw Capture to Structured Findings
Integrated analysis modules covering the complete network forensics workflow — from capture ingest and deep packet inspection to documented, signed output for investigators and lab records.
Hash Verification & Integrity Baseline
SHA-256 and MD5 hashes are computed on ingest. The integrity baseline is established before any analysis — every finding rests on a verified foundation.
Full Protocol Decoding
All packets parsed across all protocol layers. Application-layer data is decoded and made readable — HTTP requests, email threads, Kerberos tickets, DNS queries, and more.
Session Reconstruction
TCP streams and application-layer sessions are reassembled in sequence — showing the complete conversation between hosts, in context, in the correct order.
Artefact Extraction
Files transferred over the network are carved and extracted with cryptographic hashing. Documents, images, executables, and other objects are individually catalogued.
Timeline & Indicator Analysis
A chronological event timeline is built across the full capture. Threat indicators and anomalous patterns are flagged automatically for investigator review.
Structured Export & Reporting
All findings are exported with integrity hashes and a signed analysis report — ready to file into DFL 360 case records or hand off to the investigation team.
Broad Network Protocol Support: Deep Application-Layer Parsing
Packet 360 performs deep packet inspection and decodes application-layer data across all supported protocols — making raw PCAP captures readable, structured, and documentable for network forensics investigations.
| Layer | Protocols | What Packet 360 Extracts |
|---|---|---|
| Network | IPv4, IPv6, ICMP, ARP | IP flows, routing, network topology mapping |
| Transport | TCP, UDP | Session reconstruction, port mapping, flow analysis |
| Web | HTTP, HTTPS, TLS/SSL | Requests, responses, cookies, certificates, JA3/JA3S, SNI |
| Email | SMTP, POP3, IMAP | Full email reconstruction with headers, body, and attachments |
| File Transfer | FTP, FTPS, SMB | File extraction with SHA-256 and MD5 hashing per file |
| DNS | DNS, mDNS, LLMNR | Query/response pairs, domain timeline, anomaly detection |
| Authentication | Kerberos, NTLM, LDAP | Auth events, ticket requests, credential artefacts, anomalies |
| Remote Access | SSH, Telnet, RDP | Session identification, command extraction (Telnet), timing |
| VoIP | SIP, RTP | Call reconstruction, media stream extraction |
| Infrastructure | DHCP, NTP, SNMP, NetBIOS | Host identification, time correlation, network mapping |
From Raw PCAP to Signed Findings
A structured, repeatable workflow — from ingest to signed findings — built for network forensics investigations.
Forensic Integrity at Every Step
Every analysis in Packet 360 begins with hash verification of the source capture file. Findings are structured, traceable, and exported with integrity hashes and a signed analysis report. All processing runs on your own infrastructure — no data leaves your environment at any point.
Packet 360 — Common Questions
What file formats does Packet 360 support?
Packet 360 supports standard .pcap and .pcapng capture files — compatible with Wireshark, tcpdump, Suricata, and most hardware capture appliances. No conversion required before loading.
Can Packet 360 handle large capture files?
Yes. Packet 360 is built for large captures — multi-gigabyte files are handled without splitting. Contact us for sizing guidance based on your expected data volumes.
Does Packet 360 reconstruct encrypted traffic?
Packet 360 analyses the full network envelope — IPs, ports, timing, TLS certificate metadata, SNI, and JA3/JA3S fingerprints — but cannot decrypt TLS/SSL content without session keys.
Can I extract files from a PCAP capture?
Yes. Packet 360 reconstructs and extracts files transferred over network flows. Each extracted file is catalogued with SHA-256 and MD5 hashes for integrity verification.
Is Packet 360 deployed on-premises?
Yes. Packet 360 runs entirely on your own infrastructure — no cloud upload, no telemetry, no external data transfer. Air-gapped deployment is supported.
Does Packet 360 work with DFL 360?
Yes. Network forensics findings, extracted artefacts, and analysis reports from Packet 360 can be filed directly into DFL 360 case records.
Ready to see Packet 360 in action?
Talk to us about your network forensics requirements. We'll walk you through a demonstration with a real-world capture scenario relevant to your work.