We have released NetworkMiner 2.0 this week. However, please note that we have decided not to coninue hosting the software on SourceForge any longer. So please get your latest version of NetworkMiner here:
New features in version 1.6 of NetworkMiner include:
NetworkMiner 1.3 is now released!
Read more on our blog: http://netresec.com/?b=1240207
More info available on the Netresec Blog:
NetworkMiner version 1.1 is now released on SourceForge! More information is available on the Netresec blog:
Did you know that we at NETRESEC are running a blog that covers detailed functionality of NetworkMiner as well as other topics in the network security / network forensics field?
You can fin our blog over at:
The RSS feed is available from:
NetworkMiner is now is stable and mature enough to advance to version "1.0".
I have therefore released NetworkMiner 1.0 on SourceForge today!
Here are some new features in NetworkMiner since the previous version:
* Support for Per-Packet Information header (WTAP_ENCAP_PPI) as used by Kismet and sometimes Wireshark WiFi sniffing.
* Extraction of Facebook as well as Twitter messages into the message tab. Added support to extract emails sent with Microsoft Hotmail (I.e. Windows Live) into Messages tab.
* Extraction of twitter passwords from when settings are changed. Facebook user account names are also extracted (but not Facebook passwords).
* Extraction of gmailchat parameter from cookies in order to identify users through their Google account logins.
* Protocol parser for Syslog. Syslog messages are displayed on the Parameter tab.... read more
A nice blog post, describing how to run NetworkMiner under *nix based OS’s, was recently posted by C.S. Lee. The blog post shows how to install Wine in Ubuntu Linux, and then how to launch NetworkMiner using Wine.
Read the whole blog post at:
The newly released version 0.84 of NetworkMiner supports live sniffing of WLAN traffic (IEEE 802.11). This allows users to perform wireless network forensic analysis on any Windows machine with an AirPcap adapter installed. The RadioTap protocol as well as the Logical Link Control (LLC) protocol are also implemented in order to extract as much information as possible about the hosts communicating over a WLAN.... read more
Do you have access to a large number of PCAP files, a monitor port (SPAN port or network tap) on a busy switch/router or do you practice the art of Wi-Fi sniffing? Then you're the person I'm looking for!
When developing dissectors for various protocols I need to test/evaluate my implementations with real network traffic. This is a complicated task for me since I don't have any access to network traffic other than my own.... read more
NetworkMiner can now be used to extract files sent with HTTP, SMB or TFTP from a PCAP file. This can be used in order to perform off-line analyzis of sniffed traffic or in order to save streamed audio/video files to disk.