NetworkMiner (free edition) | NetworkMiner Professional | |
---|---|---|
Live sniffing | ||
Parse PCAP files | ||
Parse PcapNG files | ||
IPv6 support | ||
Extract files from FTP, TFTP, HTTP, HTTP/2, SMB, SMB2, SMTP, POP3 and IMAP traffic | ||
Extract X.509 certificates from SSL encrypted traffic like HTTPS, SMTPS, IMAPS, POP3S, FTPS etc. | ||
Decapsulation of GRE, 802.1Q, PPPoE, VXLAN, OpenFlow, SOCKS, MPLS and EoMPLS | ||
Receive Pcap-over-IP | ||
Runs in Windows and Linux | ||
OS Fingerprinting (*) | ||
Audio extraction and playback of VoIP calls | ||
OSINT lookups of file hashes, IP addresses, domain names and URLs | ||
Port Independent Protocol Identification (PIPI) | ||
User Defined Port-to-Protocol Mappings (decode as) | ||
Export to CSV / Excel / XML / CASE / JSON-LD | ||
Configurable file output directory | ||
Configurable time zone (UTC, local or custom) | ||
Geo IP localization (**) | ||
DNS Whitelisting (***) | ||
Advanced OS fingerprinting | ||
Web browser tracing (4:10 into this video) | ||
Online ad and tracker detection | ||
Host coloring support | ||
Command line scripting support | (through NetworkMinerCLI) | |
Price | Free | $ 900 USD |
Download NetworkMiner | ||
* Fingerprinting of Operating Systems (OS) is performed by using databases from Satori and p0f ** This product includes GeoLite data created by MaxMind, available from http://maxmind.com/ *** Domain names in the DNS tab are checked against the Alexa top 1,000,000 sites |
Version | Release Date | Major Improvements |
---|---|---|
JA3 hash extraction and parsers for the HTTP/2, DoH and CIFS browser protocol. | ||
Username extraction from Kerberos traffic, ICS device fingerprinting and improved Linux support. | ||
Improved email and VoIP call extraction. | ||
VoIP call audio extraction and playback as well as OSINT lookups of file hashes, IP addresses, domain names and URLs. | ||
Faster parsing speed (x2) and CASE export. | ||
Improved HTTP parser. | ||
NetworkMiner 2.1 | 2017-01-11 | New protocols: POP3, IMAP, VXLAN, OpenFlow and SOCKS. |
NetworkMiner 2.0 | 2016-02-09 | New protocols: SMB2 and Modbus/TCP. |
NetworkMiner 1.6 | 2014-06-16 | Improved SMTP and DNS parsing. |
NetworkMiner 1.5 | 2013-08-07 | New protocols: PPPoE and LLMNR, fixed two vulnerabilities. |
NetworkMiner 1.4 | 2012-08-16 | New protocol: IEC 60870-5-104. |
NetworkMiner 1.3 | 2012-04-12 | Username and password from HTTP Digest Authentication (RFC 2617). |
NetworkMiner 1.2 | 2011-11-19 | New protocol: GRE, platform independent (works in Linux, Mac OSX etc). |
NetworkMiner 1.1 | 2011-09-15 | New protocol: PPP. Screen resolution, color depth, browser language and flash version extracted from Google Analytics. |
NetworkMiner 0.71 | 2007-02-16 | First public release of NetworkMiner. |