Nytro Posted August 16, 2012 Report Posted August 16, 2012 [h=1]UPDATE: NetworkMiner 1.4![/h]August 16, 2012 - 3:33 pm By Mayuresh“NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files.NetworkMiner collects data (such as forensic evidence) about hosts on the network rather than to collect data regarding the traffic on the network. The main user interface view is host centric (information grouped per host) rather than packet centric (information showed as a list of packets/frames).”[h=2]Official change log for NetworkMiner 1.4:[/h] DhcpPacketHandler.cs: DHCP option data is now extracted to the parameters tab. Thanks to Paul Cockayne for the idea.IPv4Packet.cs: Fragmented IPv4 packets are now properly reassembled to full IP packets with payload.IEC_60870-5-104Packet.cs: Implemented the SCADA protocol IEC 60870-5-104. Thanks to Aivar Liimets from Martem for his great support on this one!PacketHandler.cs: Added proper timestamps to detected anomaly events and improved ARP poisoning reporting to anomalies tab.NetworkMinerForm.cs: Verification of file extention is completely removed. Files with any extention can now be loaded, as long as they are valid libpcap files.NetworkMinerForm.cs: Added “Clear GUI” button to Tools menu.NetworkMinerForm.cs: Added option to show/hide cookies, NTLM challenge-responses as well as the ability to mask passwords in credentials tab.According to us, the highlight of this release is the addition of the SCADA protocol! [h=3]Download NetworkMiner:[/h] NetworkMiner 1.4 – NetworkMiner_1-4.zip/NetworkMiner_1-4_source.zipSursa: NetworkMiner version 1.4! — PenTestIT Quote
