NetworkMiner 0.88 Released

June 7, 2009 – 8:42 PM

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can also extract transmitted files from network traffic.

New features in the v0.88 release are:

  • Support for the Cisco HDLC (cHDLC) layer 2 protocol
  • Support for Linux cooked captures (a layer 2 packet format often generated by tcpdump)
  • Support for IPv6
  • Parsing of SSH (only to extract SSH version and application banner to “host details”; I’m not trying to brute-force the SSH encryption key or Diffie-Hellman handshake)
  • Parsing of the Spotify authentication protocol to extract the Spotify username (displayed under “credentials”)
  • Parsing of the SIP protocol (used in VoIP) to extract the SIP username (often an email address) and display it under “host details”


