NetworkMiner
NetworkMiner is an open source network forensic analysis tool used to analyze network traffic, detect operating systems, sessions, hostnames, open ports etc. It can be used by network administrators and cybersecurity professionals.
forensics
traffic-analysis
network-security
NetworkMiner: Open Source Network Forensic Analysis Tool
NetworkMiner is an open source network forensic analysis tool used to analyze network traffic, detect operating systems, sessions, hostnames, open ports etc. It can be used by network administrators and cybersecurity professionals.
What is NetworkMiner?
NetworkMiner is an open source network forensic analysis tool used to analyze network traffic captures (PCAP files). It can detect operating systems, sessions, hostnames, open ports, passwords and more from network traffic using deep packet inspection techniques.
Some of the key features of NetworkMiner include:
- Detecting operating systems and versions from network traffic
- Extracting files transferred over the network like images and documents
- Reconstruction of web pages and images from network traffic
- Detecting credentials like usernames and passwords from network traffic
- Browsing and extracting files from FTP, HTTP and SMB file transfers
- Generating detailed reports about analyzed network traffic
NetworkMiner is very useful for network forensics analysis as it can give in-depth visibility into network traffic needed for security investigations, data breach analysis and network auditing. It runs on Windows and can analyze packet capture files (PCAP files) from any source.
The tool can be used by cybersecurity and network professionals like security analysts, network administrators, ethical hackers and digital forensic investigators. It provides useful network analysis capabilities for tasks like intrusion detection, data exfiltration analysis, network auditing and more.
NetworkMiner Features
Features
- Packet capture from live network
- Packet parsing and TCP reassembly
- Fingerprinting of operating systems
- Extraction of files transferred over the network
- Detection of hostnames and open ports
- Exporting of data for further analysis
Pricing
- Open Source
Pros
Open source and free
Runs on Windows and Linux
Good community support
Integrates with other tools like Wireshark
Easy to use GUI
Powerful command-line interface
Cons
Can only analyze pcap files, not live traffic
Limited reports and analytics features
Steep learning curve for advanced features
Not suitable for large enterprise deployments
Official Links
The Best NetworkMiner Alternatives
Top Network & Admin and Network Analysis and other similar apps like NetworkMiner
Here are some alternatives to NetworkMiner:
Suggest an alternative ❐
Wireshark
Wireshark is a free and open-source packet analyzer software. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark allows users to see what is happening on their network at a very granular level by inspecting the data packets that are sent and received.Some key...
Fiddler
Fiddler is a free web debugging proxy developed by Telerik that logs all HTTP(S) traffic between your computer and the Internet. It sits between your computer and the servers you communicate with acting as a proxy that allows you to intercept, inspect, modify, and debug traffic.Some key features of Fiddler...
HttpCanary
HttpCanary is an open-source network analysis app for Android. It enables users to fully inspect all HTTP traffic going to and from any app running on their Android device, including the request/response headers, body, content type, response code, cookies, and more.Some key features of HttpCanary include:SSL decryption and inspection of...
Charles
Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).Key features of Charles...
Proxyman
Proxyman is a feature-rich proxy manager and tester for macOS. It makes it easy to capture, inspect, modify, replay and mock HTTP(S) requests and responses between your computer applications and the internet.With Proxyman you can:Create, organize, enable/disable and edit proxies with a user-friendly GUIModify requests and responses on the fly...
NetStumbler
NetStumbler is a wireless network scanner application originally released in 2001 for Windows. It is used to detect wireless networks and access points, view and record signal strength, identify network names (SSIDs), determine if encryption is enabled, and generally survey the wireless landscape in an area.Some key features of NetStumbler...
HTTP Debugger
An HTTP debugger is a developer tool that enables debugging, testing and inspection of HTTP requests/responses between a client and server. It provides detailed visibility into all aspects of HTTP communication including:HTTP headers like user-agent, accept types, encoding etc.Query parameters, form data and request payloadsResponse status codes, headers, cookies and...
Tcpdump
tcpdump is a powerful command-line packet analyzer that runs on Unix-like operating systems. It allows users to intercept, monitor, and acquire data flowing over a network or network segment.tcpdump works by putting the network interface controller (NIC) into promiscuous mode, which allows it to capture all traffic that passes over...
NetSpot
NetSpot is a Wi-Fi site survey tool used by IT professionals, network installers, and Wi-Fi consultants to analyze and troubleshoot Wi-Fi networks. It works on both Mac and Windows computers.Some key features of NetSpot include:Wi-Fi site surveys to measure signal strength, connectivity, throughput, interference, and moreHeatmaps showing coverage across floorplansAutomatic...
Airport Utility
AirPort Utility is a software application developed by Apple Inc. to configure and manage Wi-Fi wireless access points and routers manufactured by Apple, including AirPort base stations, AirPort Express units, and Time Capsules.With AirPort Utility, users can set up a new AirPort wireless network, join an existing wireless network, view...
HttpWatch
HttpWatch is a feature-rich developer tool used for debugging and analyzing HTTP(S) requests made between a web browser and server. It works by capturing all HTTP traffic, allowing developers to inspect the raw requests and responses, including headers, parameters, cookies, caching, timings, and more.Some key features of HttpWatch include:Monitoring all...
Colasoft Capsa
Colasoft Capsa is a comprehensive network analyzer and network packet sniffing software tool for Windows. It allows users to monitor network traffic, analyze network protocols, troubleshoot network issues, diagnose bandwidth usage, record voice over IP calls, and more.Key features of Colasoft Capsa include:Real-time capture and offline analysis of network packetsIn-depth...
Graphical HTTP Client
A graphical HTTP client is an application used for testing HTTP/HTTPS resources such as web APIs and web applications. It provides a user interface for constructing HTTP requests and reading HTTP responses.Key features of a graphical HTTP client include:GUI interface for creating requests - Unlike curl or a basic HTTP...
Packet Capture
Packet capture (also known as packet sniffing or network traffic monitoring) refers to software that intercepts and logs traffic passing over a digital network or part of a network. Packet capture software monitors all packets seen by the network interface controller (NIC).Packet capture tools are used for a variety of...
KisMAC
KisMAC is an open-source WiFi network discovery, security analysis, and intrusion detection tool designed specifically for macOS. Some key features of KisMAC include:Passive scanning to discover nearby WiFi networks, gather information like BSSID, channel, encryption type, and client devices connectedActive scanning with packet injection to test WiFi network security and...
Ethereal
Ethereal (now known as Wireshark) is a free and open-source packet analyzer and network protocol analyzer software. It is used for network troubleshooting, analysis, and communications protocol development. Ethereal runs on Unix-like operating systems including Linux, macOS, *BSD and Solaris.Some key features of Ethereal include:Capturing live packet data from a...
IwScanner
iwScanner is an open-source software tool for indoor mapping and indoor positioning over Wi-Fi networks. It allows users to easily scan indoor environments such as offices, shopping malls, airports, etc. and generate indoor maps for navigation and location-based services.Some key features of iwScanner:Scans Wi-Fi signals and creates interactive maps of...
Ettercap
Ettercap is a comprehensive network security tool for man-in-the-middle attacks on local area networks (LANs). It features a versatile plugin architecture and a variety of features for network and protocol analysis.Some key capabilities of Ettercap include:Perform man-in-the-middle attacks on a variety of protocols including Telnet, FTP, TFTP, HTTP, HTTPS, SNMP,...
Microsoft Network Monitor
Microsoft Network Monitor (NetMon) is a packet analyzer and sniffer tool for Windows that enables users to capture, view, and analyze network traffic. It provides advanced network diagnostic capabilities to help troubleshoot connectivity issues, analyze protocol behavior, debug client/server communications, and more.Some key features of Microsoft Network Monitor include:Real-time capture...
CloudShark
CloudShark is a software platform designed for network troubleshooting, analysis, and forensics. It allows users to upload packet capture (PCAP) files to the cloud and analyze them using a web browser, without needing to install any additional software.Some key features of CloudShark include:Intuitive web-based interface for browsing packet capturesPowerful analytics...
PCAPdroid
PCAPdroid is a powerful network protocol analyzer application for the Android platform. It allows users to capture, inspect, analyze, and save network traffic on their Android smartphones or tablets.Some key features of PCAPdroid include:Real-time capture and inspection of network packets on WiFi, cellular data, and Ethernet interfacesFilters for protocols, IP...
PacketSled
PacketSled is a network forensics and monitoring platform designed to provide security analysts with real-time analysis and forensic capabilities for monitoring networks. It captures and analyzes packet data, content, and metadata to detect intrusions, malware, data exfiltration, and other suspicious activities.Key features of PacketSled include:Real-time monitoring and analysis of network...
LANGuardian
LANGuardian is a comprehensive web filtering and monitoring solution designed specifically for use in schools and libraries. It enables administrators to control what websites and online content students can access on school-issued devices to prevent them from viewing inappropriate or harmful material.Key features of LANGuardian include:Granular content filtering that blocks...
Nethogs
Nethogs is a free and open source software application for Linux that monitors network traffic usage in real-time and displays bandwidth usage per process. It enables users to see which processes on a system are using the most network bandwidth.Some key features of Nethogs include:Real-time visibility into bandwidth usage per...
Surge for Mac
Surge for Mac is a developer tool focused on static web projects. It allows web developers and designers to build, test, preview, and publish static websites and web apps directly on their local computer.Some key features of Surge for Mac include:Built-in, intuitive web server - Makes sites hosted with Surge...
Pirni Pro
Pirni Pro is a feature-rich vector graphics editor designed for illustrators, web and graphic designers. It provides a wide array of powerful tools for creating impressive 2D graphics easily and efficiently.Key features include:Intuitive vector drawing and shape toolsAdvanced typography controlsFlexible gradient and pattern fillsSmooth curve editing with bezier handlesPhoto editing...
RESTed
RESTed is an open-source, cross-platform REST API testing application. It provides a simple and intuitive interface for sending HTTP requests to test REST APIs and view their responses.Some key features of RESTed:Supports all HTTP methods like GET, POST, PUT, DELETE, OPTIONS, PATCH etc.Allows adding custom HTTP headers and body payloadIncludes...
Debookee
Debookee is a free and open source web browser that focuses on enhancing users' security, privacy protection, and productivity while browsing the web. It is based on Chromium and developed by an independent team of developers.Some key features that make Debookee stand out include:Built-in ad blocking and anti-tracking without extensionsEnhanced...
SmartSniff
SmartSniff is a comprehensive network analyzer and packet sniffing software used for network monitoring, analysis, and troubleshooting. It allows users to capture, inspect and log traffic passing through Ethernet and wireless network connections in real-time.With an easy-to-use graphical interface, SmartSniff provides powerful capabilities for gathering insights into network activity and...
HTTPScoop
HTTPScoop is an open-source web debugging proxy built for debugging and testing modern web applications that use HTTPS. It allows developers to intercept, inspect, and modify HTTPS traffic from their web apps or sites.Some key features of HTTPScoop include:Works as a reverse proxy to decrypt, analyze, and re-encrypt HTTPS traffic...
Microsoft Message Analyzer
Microsoft Message Analyzer is a powerful tool for capturing, displaying, and analyzing network traffic and diagnosing issues with systems and applications. Some key features include:Capturing live network traffic or importing capture files (like .pcap files)Powerful filtering, searching, and analysis of network traffic and log messages Displays traffic flow sequence, conversation...
Weer
Weer is a weather app tailored for outdoor adventurers, travelers, and nature lovers. It sets itself apart from traditional weather apps by focusing on hyperlocal weather conditions using data from a crowdsourced network of personal weather stations.Instead of relying solely on airport and government weather stations located miles away, Weer...
Tcpflow
tcpflow is an open source command line tool for capturing TCP traffic flows going through a network. It works by capturing packets from live network interfaces or from packet capture (pcap) files, reassembling TCP streams and sessions, and storing the transmitted application-layer data with relevant TCP metadata like sequence numbers...
NetSleuth
NetSleuth is a robust network monitoring and analytics solution designed to provide granular visibility into critical network and application performance metrics. The software includes the following key capabilities:Automatic network mapping and asset discovery - NetSleuth automatically discovers all devices on your network and maps network topology and dependencies.Customizable dashboards -...
LanDetective
LanDetective is a network security and administration software tool designed for Windows operating systems. It enables users to scan local area networks (LANs) to identify vulnerabilities, open ports, and other security risks.Some key features of LanDetective include:Comprehensive port scanning to detect open TCP and UDP ports on network hostsBanner grabbing...
Packetyzer
Packetyzer is a powerful and easy-to-use network protocol analyzer and packet sniffer for Windows. It allows you to monitor, analyze, and troubleshoot network traffic by capturing live packets, decoding protocols in real-time, generating statistics, checking for errors, and exporting data.Some key features of Packetyzer include:Captures live packets from Ethernet, WiFi,...
Uthrottle
Uthrottle is a free, open-source internet traffic shaper and bandwidth limiter application for Windows. It gives users control over their internet bandwidth usage by allowing them to set limits for both overall usage as well as on a per-application basis.Some key features of Uthrottle include:Set global download/upload speed limits for...
GraphicalHttpClient
GraphicalHttpClient is an open-source, cross-platform application that provides a graphical user interface for sending HTTP requests and viewing HTTP responses.Some of the key features of GraphicalHttpClient include:Supports common HTTP methods like GET, POST, PUT, DELETE, etc.Allows composing requests by entering URLs, headers, query parameters, and request bodiesDisplays full server response...
Slowy
Slowy is a free and open-source cross-platform media player application designed with simplicity in mind. Originally developed as a minimalist audio player, Slowy has evolved to support a wide range of media codecs and formats including support for audio formats like MP3, FLAC, WAV as well as support for common...
PacketsDump
PacketsDump is a powerful and free network packet analyzer and sniffer software for Windows. It provides extensive capabilities for capturing, filtering, analyzing, and troubleshooting network traffic. Some key features of PacketsDump include:Real-time capture and offline analysis of network packetsSupport for common protocols like TCP, UDP, ICMP, HTTP, DNS, and moreDetailed...
Termshark
Termshark is a powerful network protocol analyzer that runs entirely in your terminal. It provides functionality similar to the popular Wireshark tool but without requiring an X Window environment. Just like Wireshark, Termshark allows you to capture packets in real-time, filter them based on various criteria, inspect protocol data, extract...
