* Fingerprinting of Operating Systems (OS) is performed by using databases from Satori and p0f User Defined Port-to-Protocol Mappings (decode as)Įxport to CSV / Excel / XML / CASE / JSON-LDĬonfigurable time zone (UTC, local or custom) OSINT lookups of file hashes, IP addresses, domain names and URLs Host inventory in NetworkMiner NetworkMinerĮxtract files from FTP, TFTP, HTTP, HTTP/2, SMB, SMB2, SMTP, POP3, IMAP and LPR trafficĮxtract X.509 certificates from SSL encrypted traffic like HTTPS, SMTPS, IMAPS, POP3S, FTPS etc.ĭecapsulation of GRE, 802.1Q, PPPoE, VXLAN, OpenFlow, SOCKS, MPLS, EoMPLS and ERSPANĪudio extraction and playback of VoIP calls NetworkMiner is today used by companies and organizations all over the world. NetworkMiner has, since the first release in 2007, become a popular tool among incident response teams as well as law enforcement. ![]() ![]() NetworkMiner is primarily designed to run in Windows, but can also be used in Linux. Detailed information about each IP address in the analyzed network traffic is aggregated to a network host inventory, which can be used for passive asset discovery as well as to get an overview of which devices that are communicating. NetworkMiner can also be used to capture live network traffic by sniffing a network interface. ![]() NetworkMiner is an open source network forensics tool that extracts artifacts, such as files, images, emails and passwords, from captured network traffic in PCAP files.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |