NetworkMiner

Recently I got a chance to try NetworkMiner, a network forensics program. It can be used as a passive network sniffer to detect:

  • operating systems
  • sessions
  • hostnames
  • open ports
  • etc

It can also be used to analyze PCAP files.

The main purpose of NetworkMiner is to collect host data.
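How passive host-data collection from a PCAP file can work, as an added example (not NetworkMiner's code and not from the original post): it reads a classic pcap capture, records the TTL values seen from each source IP (a coarse operating-system hint), and treats the source port of a SYN-ACK as an open port. The function names, addresses and the sample capture are constructed for illustration.

```python
import struct
from collections import defaultdict

def build_sample_pcap():
    """Constructed sample capture: a SYN and the SYN-ACK answering it."""
    def frame(src, dst, sport, dport, flags, ttl):
        eth = b"\x00" * 12 + b"\x08\x00"  # zeroed MACs, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, ttl, 6, 0,
                         bytes(src), bytes(dst))
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 8192, 0, 0)
        return eth + ip + tcp
    pkts = [frame((10, 0, 0, 5), (10, 0, 0, 9), 40000, 22, 0x02, 64),   # SYN
            frame((10, 0, 0, 9), (10, 0, 0, 5), 22, 40000, 0x12, 128)]  # SYN-ACK
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for p in pkts:
        out += struct.pack("<IIII", 0, 0, len(p), len(p)) + p
    return out

def collect_hosts(pcap):
    """Return {ip: {"ttls": set, "open_ports": set}} from classic pcap bytes."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)  # file byte order
    if end is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack_from(end + "I", pcap, 20)[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    hosts = defaultdict(lambda: {"ttls": set(), "open_ports": set()})
    off = 24  # first record follows the 24-byte global header
    while off + 16 <= len(pcap):
        incl = struct.unpack_from(end + "I", pcap, off + 8)[0]
        pkt = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[14] >> 4 != 4:
            continue  # truncated, or not IPv4 over Ethernet
        ihl = (pkt[14] & 0x0F) * 4
        src = ".".join(map(str, pkt[26:30]))
        hosts[src]["ttls"].add(pkt[22])  # initial TTL differs between OS families
        frag = struct.unpack_from("!H", pkt, 20)[0] & 0x1FFF
        tcp = 14 + ihl
        if pkt[23] == 6 and frag == 0 and len(pkt) >= tcp + 14:
            sport, flags = struct.unpack_from("!H", pkt, tcp)[0], pkt[tcp + 13]
            if flags & 0x12 == 0x12:  # SYN+ACK: src accepted a connection on sport
                hosts[src]["open_ports"].add(sport)
    return dict(hosts)

if __name__ == "__main__":
    for ip, info in sorted(collect_hosts(build_sample_pcap()).items()):
        print(ip, sorted(info["ttls"]), sorted(info["open_ports"]))
```

Nothing is sent on the network: every field comes from traffic already in the capture, which is why a host that never answers a connection attempt shows no open ports here.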

One drawback of this tool is that it needs the .NET Framework. :( Other than that, it’s a great tool to help you in network forensics.

Before you can use NetworkMiner, you have to make sure your system already has the following software packages:

To install NetworkMiner, just download the package from http://sourceforge.net/projects/networkminer/

The latest version at the time of this writing is version 0.88.

After downloading the package, unzip it, and you will find a NetworkMiner.exe file. Double-click that file to run NetworkMiner.

Here is my NetworkMiner in action, analyzing a PCAP file:

[Screenshot: networkminer]
