NetworkMiner 1.4 Released

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.

NetworkMiner collects data (such as forensic evidence) about hosts on the network rather than to collect data regarding the traffic on the network. The main user interface view is host centric (information grouped per host) rather than packet centric (information showed as a list of packets/frames).

Change log:

DhcpPacketHandler.cs: DHCP option data is now extracted to the parameters tab. Thanks to Paul Cockayne for the idea.
IPv4Packet.cs: Fragmented IPv4 packets are now properly reassembled to full IP packets with payload.
IEC_60870-5-104Packet.cs: Implemented the SCADA protocol IEC 60870-5-104. Thanks to Aivar Liimets from Martem for his great support on this one!
PacketHandler.cs: Added proper timestamps to detected anomaly events and improved ARP poisoning reporting to anomalies tab.
NetworkMinerForm.cs: Verification of file extention is completely removed. Files with any extention can now be loaded, as long as they are valid libpcap files.
NetworkMinerForm.cs: Added “Clear GUI” button to Tools menu.
NetworkMinerForm.cs: Added option to show/hide cookies, NTLM challenge-responses as well as the ability to mask passwords in credentials tab.

Download NetworkMiner

Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .

Subscribe Top Hacker Stories via email