Recently I got a chance to try NetworkMiner. It’s a network forensics program. It can be used as a passive network sniffer to detect :

  • operating systems
  • sessions
  • hostnames
  • open ports
  • etc

It can also be used to analyze PCAP files.

The main purpose of NetworkMiner is to collect hosts data.

One drawback of this tool is that it needs .NET Framework. :( Other than that it’s a great tool to help you in network forensics.

Before you can use NetworkMiner, you have to make sure your system already has the following software packages :

To install NetworkMiner just download the package from

The latest version at the time of this writing is version 0.88.

After download the package, unzip it, and you will find a NetworkMiner.exe file. Just do a double-click on that file to run NetworkMiner.

Here is my NetworkMiner in action, analyzing a PCAP file :


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s