NetworkMiner 0.88 ReleasedJune 7, 2009 – 8:42 PM
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can also extract transmitted files from network traffic.
New functionalities in the v 0.88 release are:
- Support for the Cisco HDLC (cHDLC) layer 2 protocol
- Support for Linux cooked captures (a layer 2 packet format often generated by tcpdump)
- Support for IPv6
- Parsing of SSH (only to extract SSH version and application banner to “host details”, I’m not trying to bruteforce the SSH encryption key or Diffie-Hellman handshake)
- Parsing of the Spotify authentication protocol to extract the Spotify username (displayed under “credentials”)
- Parsing of the SIP protocol (used in VoIP) to extract the SIP username (often an email address) and display it under “host details”
You must be logged in to post a comment.