
FindFile

Install: just download the script from the link below.
Usage: python findfile.py <path/to/pcap>
Link: github.com/vigneshsrao/CTF-Forensics-scripts

This script detects files embedded in network capture files and dumps them out. Wireshark has a built-in file detection and export facility, but it works only with a limited set of protocols; for example, it does not work when the capture contains USB traffic.

This is pretty useful in CTF events, when the number of packets is large and we are required to find a particular file within the capture. Since the detection check is pretty weak, many false alarms are triggered and corrupted files are dumped.
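As an added illustration of the approach described above (example code, not the FindFile script's own), the following parses a classic pcap, scans every record's raw bytes for common file signatures regardless of the protocol in use, and carves from each hit to the end of that packet. The signature table and the sample capture are constructed here; the last record shows the kind of false alarm a bare magic-byte check produces.

```python
import struct

# Magic-byte table (constructed for this example; the real script's may differ).
# Matching a few leading bytes is the weak check that triggers false alarms.
SIGNATURES = {b"\x89PNG\r\n\x1a\n": "png", b"\xff\xd8\xff": "jpg", b"GIF8": "gif",
              b"%PDF-": "pdf", b"PK\x03\x04": "zip", b"\x7fELF": "elf"}

def iter_pcap_packets(data):
    """Yield the raw bytes of each record in a classic pcap (not pcapng) byte string."""
    (magic,) = struct.unpack("<I", data[:4])
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("not a classic pcap file; pcapng is not handled here")
    off = 24  # global header: magic, version, tz offset, sigfigs, snaplen, linktype
    while off + 16 <= len(data):
        _sec, _usec, incl_len, _orig = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        yield data[off:off + incl_len]
        off += incl_len

def find_files(data):
    """Return (packet_index, offset, kind, carved_bytes) for every signature hit.
    Carving is naive: signature to end of that packet, no stream reassembly,
    so hits may be truncated files or plain false alarms."""
    hits = []
    for idx, pkt in enumerate(iter_pcap_packets(data)):
        for sig, kind in SIGNATURES.items():
            pos = pkt.find(sig)
            while pos != -1:
                hits.append((idx, pos, kind, pkt[pos:]))
                pos = pkt.find(sig, pos + 1)
    return hits

def build_sample_pcap(payloads):
    """Constructed sample input: each payload becomes one little-endian pcap record."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 147)  # linktype 147: user-defined
    for i, p in enumerate(payloads):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(p), len(p)) + p
    return out

SAMPLE_PCAP = build_sample_pcap([
    b"\x01\x02\x03\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR",  # PNG header mid-packet
    b"just some ascii chatter with no file in it",
    b"\x00\x10PK\x03\x04\x14\x00\x00\x00\x08\x00",         # ZIP local-file header
    b"the word PK\x03\x04 again in a random blob",          # false alarm: not an archive
])
```

Running `find_files(SAMPLE_PCAP)` reports three hits, the last of which is the false alarm; writing each carved blob to disk is what the real script does with such hits.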

This post is licensed under CC BY 4.0 by the author.