NetworkMiner is a Network Forensic Analysis Tool or NFAT designed to be used as a passive network sniffer, in other terms as a packet capturing tool. It can detect operating systems, sessions, hostnames and open ports while making no internet traffic at all. Furthermore, PCAP files can be parsed in order to make off-line analysis or regenerate transmitted files and certificates. It does that by gathering data on the network, this being the reason why the interface is host centric.
With this program one can extract and save media files which are streamed across the network from different websites. The protocols it supports are FTP, TFTP, HTTP and SMB. Keyword based search and user credentials displaying are also available.
- Live sniffing
- Parse PCAP files
- OS Fingerprinting
- 0.581 MB/s PCAP parsing speed