Category : Plug-Ins

Submitted By : Chris Bloom

Downloaded : 183 Times

View Comments (0)

Google Maps Plugin

The Google Maps Plugin for OmniPeek is back! The Google Maps Plugin, the most downloaded plugin in the history of plugins, has been brought up to date to work with the latest version of OmniPeek

Here is a short video demonstration

The Google Map Plugin is an ideal tool for Security Forensics Investigations. The Google Map Plugin displays the location of public IP addresses in the Google Map. This makes it easy and visual to identify where traffic is flowing. Hovering over each IP address location will display the IP address. Clicking on it will display a dialog with more information about the IP address, as well as some links to learn more about it.





The Google Maps Plugin has options to control how often the map is updated, the maximum number of addresses to display, and whether to reset the map on each update. With reset off, the map will accumulate address up to the specified maximum. With reset on, the map will only display the addresses since the previous update. Both options are useful. Reset is particularly helpful in showing the most recent activity, and keeping the map less busy.



The Google Maps Plugin alows you to define your own custom node locations. In the example below, we have created a custom node for an IP address that appears in Cuba. It was originally somewhere in California.



And last but not least, the Google Map Plugin has has options in Tools->Options->Analysis Modulesto define multiple maps in each capture window



To install the Google Maps Plugin, first download and unzip the Executable file. If you are using OmniPeek 32 bit, then copy googlemap32.dll in c:Program Files (x86)SavviusOmniPeekPlugins. If you are using OmniPeek 64 bit, then copy googlemap64.dll in c:Program FilesSavviusOmniPeekPlugins.


This page also includes the source code. And if you want to host the geolocation lookup yourself, the php files are included in the source folder.