NetworkMiner by Netresec is a Network Forensic Analysis Tool (NFAT) designed for Windows (but it also works on Linux / Mac OS X / FreeBSD).
NetworkMiner can be used as a passive network sniffer to detect operating systems, sessions, hostnames, open ports, etc., without placing any load on the network.
NetworkMiner collects data about the hosts on the network rather than data about the traffic on the network. It also supports OS fingerprinting through the Satori and p0f databases and WiFi sniffing via AirPcap.
NetworkMiner can extract files and certificates transferred over the network by analyzing a PCAP file. This function can be used to extract and save media files (such as audio or video files, or the pages you visit) that pass over a network. Supported protocols for file extraction are FTP, TFTP, HTTP, SMB and SMTP.
User credentials (usernames and passwords) for the supported protocols are displayed in the "Credentials" tab. The Credentials tab sometimes also shows information that can be used to identify a specific person, such as user accounts for popular online services like Gmail or Facebook.
There is also a commercial version of NetworkMiner. The commercial version is called NetworkMiner Professional and includes additional features such as:
- Port Independent Protocol Identification (PIPI)
- Export results to CSV / Excel
- Configurable file output directory
- Geo IP tracking
- Host coloring support
- Command-line scripting support
- Portable USB application
NetworkMiner is a forensic tool that has become popular since its first release in 2007 and is currently used by companies and organizations around the world.
http://www.netresec.com/?page=Networkminer
Download NetworkMiner (free edition)
Dimitris Moutsikas, Konstantinos Samiotis Wikibooks