Audience
Digital forensics investigators looking for a tool to reconstruct files, images, emails and other artifacts from captured network traffic
About NetworkMiner
NetworkMiner is a network forensics tool that extracts artifacts such as files, images, emails, and passwords from captured network traffic in PCAP files. It can also capture live network traffic by sniffing a network interface. Detailed information about each IP address in the analyzed network traffic is aggregated into a network host inventory, which can be used for passive asset discovery and to get an overview of communicating devices. NetworkMiner is primarily designed to run on Windows but can also be used on Linux. Since its first release in 2007, it has become a popular tool among incident response teams and law enforcement and is used by companies and organizations worldwide.
Other Popular Alternatives & Related Software
Xplico
Xplico is installed in the major distributions of digital forensics and penetration testing: Kali Linix, BackTrack, DEFT, Security Onion, Matriux, BackBox, CERT Forensics Tools, Pentoo and CERT-Toolkit. Xplico allows concurrent access by multiple users. Any user can manage one or more Cases. The UI is a Web User Interface and its backend DB can be SQLite, MySQL or PostgreSQL. Xplico can be used as a Cloud Network Forensic Analysis Tool. The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT). At each data reassembled by Xplico is associated a XML file that uniquely identifies the flows and the pcap containing the data reassembled.
Learn more
Sniffnet
Sniffnet is a network monitoring tool designed to help users easily keep track of their Internet traffic. Whether gathering statistics or inspecting in-depth network activities, Sniffnet provides comprehensive coverage. It emphasizes user experience, ensuring ease of use compared to other cumbersome network analyzers. Completely free and open source, Sniffnet is dual-licensed under MIT or Apache-2.0, with the full source code available on GitHub. Developed entirely in Rust, it leverages this modern programming language to build efficient and reliable software, emphasizing performance and safety. Key features include selecting a network adapter to inspect, applying filters to observed traffic, viewing overall statistics and real-time charts of Internet traffic, exporting comprehensive capture reports as PCAP files, identifying over 6,000 upper-layer services, protocols, trojans, and worms, discovering domain names and ASNs of hosts, pinpointing connections in the local network.
Learn more
Obkio
Network Performance Monitoring Made Easy. Obkio is a simple Network Monitoring and Troubleshooting SaaS solution that allows users to continuously monitor the health of their network and core business applications to improve the end-user experience.
The innovative software application identifies the causes of intermittent network, VoIP, video, and applications slowdown in seconds and collect information to quickly troubleshoot problems before they affect your end-users.
Deploy network monitoring Agents at strategic locations in a company's offices or network destinations such as data sites, remote sites, external client sites, or public or private clouds to continuously monitor performance using synthetic traffic exchanged every 500ms.
Obkio's Agents give you a 360-degree overview of your network by measuring the network metrics like matter most (jitter, latency, packet loss, VoIP quality), and alerting you of any performance degradation.
Learn more
Riverbed Packet Analyzer
Riverbed Packet Analyzer accelerates real-time network packet analysis and reporting of large trace files through an intuitive graphical user interface and a broad selection of pre-defined analysis views. It enables users to quickly identify and troubleshoot complex network and application performance issues down to the bit level, with full integration with Wireshark. By simply dragging and dropping preconfigured analysis views onto a group of virtual interfaces or a packet trace file, users can see results immediately, transforming hours of work into seconds. The tool facilitates the capture and merging of multiple trace files, allowing for precise pinpointing of problems across multiple segments. Additionally, it provides the capability to zoom into a 100-microsecond view of the network to identify utilization spikes or microbursts that can saturate a gigabit network and cause significant issues.
Learn more
Pricing
Starting Price:
$1,300 one-time payment
Free Version:
Free Version available.
Integrations
No integrations listed.
Company Information
Netresec
Founded: 2010
Sweden
www.netresec.com/
Videos and Screen Captures
Other Useful Business Software
Find Hidden Risks in Windows Task Scheduler
Windows Task Scheduler might be hiding critical failures. Download the free JAMS diagnostic tool to uncover problems before they impact production—get a color-coded risk report with clear remediation steps in minutes.
Product Details
Platforms Supported
Windows
Linux
Training
Documentation
Live Online
In Person
Videos
Support
Phone Support
Online
