NetworkMiner

NetworkMiner

NetworkMiner is an open source network forensic analysis tool used to analyze network traffic, detect operating systems, sessions, hostnames, open ports etc. It can be used by network administrators and cybersecurity professionals.
NetworkMiner image
forensics traffic-analysis network-security

NetworkMiner: Open Source Network Forensic Analysis Tool

NetworkMiner is an open source network forensic analysis tool used to analyze network traffic, detect operating systems, sessions, hostnames, open ports etc. It can be used by network administrators and cybersecurity professionals.

What is NetworkMiner?

NetworkMiner is an open source network forensic analysis tool used to analyze network traffic captures (PCAP files). It can detect operating systems, sessions, hostnames, open ports, passwords and more from network traffic using deep packet inspection techniques.

Some of the key features of NetworkMiner include:

  • Detecting operating systems and versions from network traffic
  • Extracting files transferred over the network like images and documents
  • Reconstruction of web pages and images from network traffic
  • Detecting credentials like usernames and passwords from network traffic
  • Browsing and extracting files from FTP, HTTP and SMB file transfers
  • Generating detailed reports about analyzed network traffic

NetworkMiner is very useful for network forensics analysis as it can give in-depth visibility into network traffic needed for security investigations, data breach analysis and network auditing. It runs on Windows and can analyze packet capture files (PCAP files) from any source.

The tool can be used by cybersecurity and network professionals like security analysts, network administrators, ethical hackers and digital forensic investigators. It provides useful network analysis capabilities for tasks like intrusion detection, data exfiltration analysis, network auditing and more.

NetworkMiner Features

Features

  1. Packet capture from live network
  2. Packet parsing and TCP reassembly
  3. Fingerprinting of operating systems
  4. Extraction of files transferred over the network
  5. Detection of hostnames and open ports
  6. Exporting of data for further analysis

Pricing

  • Open Source

Pros

Open source and free

Runs on Windows and Linux

Good community support

Integrates with other tools like Wireshark

Easy to use GUI

Powerful command-line interface

Cons

Can only analyze pcap files, not live traffic

Limited reports and analytics features

Steep learning curve for advanced features

Not suitable for large enterprise deployments


The Best NetworkMiner Alternatives

Top Network & Admin and Network Analysis and other similar apps like NetworkMiner


Wireshark icon

Wireshark

Wireshark is a free and open-source packet analyzer software. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Wireshark allows users to see what is happening on their network at a very granular level by inspecting the data packets that are sent and received.Some key...
Wireshark image
Fiddler icon

Fiddler

Fiddler is a free web debugging proxy developed by Telerik that logs all HTTP(S) traffic between your computer and the Internet. It sits between your computer and the servers you communicate with acting as a proxy that allows you to intercept, inspect, modify, and debug traffic.Some key features of Fiddler...
Fiddler image
HttpCanary icon

HttpCanary

HttpCanary is an open-source network analysis app for Android. It enables users to fully inspect all HTTP traffic going to and from any app running on their Android device, including the request/response headers, body, content type, response code, cookies, and more.Some key features of HttpCanary include:SSL decryption and inspection of...
HttpCanary image
Charles icon

Charles

Charles is an HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).Key features of Charles...
Charles image
Proxyman icon

Proxyman

Proxyman is a feature-rich proxy manager and tester for macOS. It makes it easy to capture, inspect, modify, replay and mock HTTP(S) requests and responses between your computer applications and the internet.With Proxyman you can:Create, organize, enable/disable and edit proxies with a user-friendly GUIModify requests and responses on the fly...
Proxyman image
NetStumbler icon

NetStumbler

NetStumbler is a wireless network scanner application originally released in 2001 for Windows. It is used to detect wireless networks and access points, view and record signal strength, identify network names (SSIDs), determine if encryption is enabled, and generally survey the wireless landscape in an area.Some key features of NetStumbler...
HTTP Debugger icon

HTTP Debugger

An HTTP debugger is a developer tool that enables debugging, testing and inspection of HTTP requests/responses between a client and server. It provides detailed visibility into all aspects of HTTP communication including:HTTP headers like user-agent, accept types, encoding etc.Query parameters, form data and request payloadsResponse status codes, headers, cookies and...
HTTP Debugger image
Tcpdump icon

Tcpdump

tcpdump is a powerful command-line packet analyzer that runs on Unix-like operating systems. It allows users to intercept, monitor, and acquire data flowing over a network or network segment.tcpdump works by putting the network interface controller (NIC) into promiscuous mode, which allows it to capture all traffic that passes over...
Tcpdump image
NetSpot icon

NetSpot

NetSpot is a Wi-Fi site survey tool used by IT professionals, network installers, and Wi-Fi consultants to analyze and troubleshoot Wi-Fi networks. It works on both Mac and Windows computers.Some key features of NetSpot include:Wi-Fi site surveys to measure signal strength, connectivity, throughput, interference, and moreHeatmaps showing coverage across floorplansAutomatic...
NetSpot image
Airport Utility icon

Airport Utility

AirPort Utility is a software application developed by Apple Inc. to configure and manage Wi-Fi wireless access points and routers manufactured by Apple, including AirPort base stations, AirPort Express units, and Time Capsules.With AirPort Utility, users can set up a new AirPort wireless network, join an existing wireless network, view...
Airport Utility image
HttpWatch icon

HttpWatch

HttpWatch is a feature-rich developer tool used for debugging and analyzing HTTP(S) requests made between a web browser and server. It works by capturing all HTTP traffic, allowing developers to inspect the raw requests and responses, including headers, parameters, cookies, caching, timings, and more.Some key features of HttpWatch include:Monitoring all...
HttpWatch image
Colasoft Capsa icon

Colasoft Capsa

Colasoft Capsa is a comprehensive network analyzer and network packet sniffing software tool for Windows. It allows users to monitor network traffic, analyze network protocols, troubleshoot network issues, diagnose bandwidth usage, record voice over IP calls, and more.Key features of Colasoft Capsa include:Real-time capture and offline analysis of network packetsIn-depth...
Colasoft Capsa image
Graphical HTTP Client icon

Graphical HTTP Client

A graphical HTTP client is an application used for testing HTTP/HTTPS resources such as web APIs and web applications. It provides a user interface for constructing HTTP requests and reading HTTP responses.Key features of a graphical HTTP client include:GUI interface for creating requests - Unlike curl or a basic HTTP...
Graphical HTTP Client image
Packet Capture icon

Packet Capture

Packet capture (also known as packet sniffing or network traffic monitoring) refers to software that intercepts and logs traffic passing over a digital network or part of a network. Packet capture software monitors all packets seen by the network interface controller (NIC).Packet capture tools are used for a variety of...
Packet Capture image
KisMAC icon

KisMAC

KisMAC is an open-source WiFi network discovery, security analysis, and intrusion detection tool designed specifically for macOS. Some key features of KisMAC include:Passive scanning to discover nearby WiFi networks, gather information like BSSID, channel, encryption type, and client devices connectedActive scanning with packet injection to test WiFi network security and...
KisMAC image
Ethereal icon

Ethereal

Ethereal (now known as Wireshark) is a free and open-source packet analyzer and network protocol analyzer software. It is used for network troubleshooting, analysis, and communications protocol development. Ethereal runs on Unix-like operating systems including Linux, macOS, *BSD and Solaris.Some key features of Ethereal include:Capturing live packet data from a...
IwScanner icon

IwScanner

iwScanner is an open-source software tool for indoor mapping and indoor positioning over Wi-Fi networks. It allows users to easily scan indoor environments such as offices, shopping malls, airports, etc. and generate indoor maps for navigation and location-based services.Some key features of iwScanner:Scans Wi-Fi signals and creates interactive maps of...
IwScanner image
Ettercap icon

Ettercap

Ettercap is a comprehensive network security tool for man-in-the-middle attacks on local area networks (LANs). It features a versatile plugin architecture and a variety of features for network and protocol analysis.Some key capabilities of Ettercap include:Perform man-in-the-middle attacks on a variety of protocols including Telnet, FTP, TFTP, HTTP, HTTPS, SNMP,...
Ettercap image
Microsoft Network Monitor icon

Microsoft Network Monitor

Microsoft Network Monitor (NetMon) is a packet analyzer and sniffer tool for Windows that enables users to capture, view, and analyze network traffic. It provides advanced network diagnostic capabilities to help troubleshoot connectivity issues, analyze protocol behavior, debug client/server communications, and more.Some key features of Microsoft Network Monitor include:Real-time capture...
Microsoft Network Monitor image
CloudShark icon

CloudShark

CloudShark is a software platform designed for network troubleshooting, analysis, and forensics. It allows users to upload packet capture (PCAP) files to the cloud and analyze them using a web browser, without needing to install any additional software.Some key features of CloudShark include:Intuitive web-based interface for browsing packet capturesPowerful analytics...
CloudShark image
PCAPdroid icon

PCAPdroid

PCAPdroid is a powerful network protocol analyzer application for the Android platform. It allows users to capture, inspect, analyze, and save network traffic on their Android smartphones or tablets.Some key features of PCAPdroid include:Real-time capture and inspection of network packets on WiFi, cellular data, and Ethernet interfacesFilters for protocols, IP...
PCAPdroid image
PacketSled icon

PacketSled

PacketSled is a network forensics and monitoring platform designed to provide security analysts with real-time analysis and forensic capabilities for monitoring networks. It captures and analyzes packet data, content, and metadata to detect intrusions, malware, data exfiltration, and other suspicious activities.Key features of PacketSled include:Real-time monitoring and analysis of network...
LANGuardian icon

LANGuardian

LANGuardian is a comprehensive web filtering and monitoring solution designed specifically for use in schools and libraries. It enables administrators to control what websites and online content students can access on school-issued devices to prevent them from viewing inappropriate or harmful material.Key features of LANGuardian include:Granular content filtering that blocks...
LANGuardian image
Nethogs icon

Nethogs

Nethogs is a free and open source software application for Linux that monitors network traffic usage in real-time and displays bandwidth usage per process. It enables users to see which processes on a system are using the most network bandwidth.Some key features of Nethogs include:Real-time visibility into bandwidth usage per...
Nethogs image
Surge for Mac icon

Surge for Mac

Surge for Mac is a developer tool focused on static web projects. It allows web developers and designers to build, test, preview, and publish static websites and web apps directly on their local computer.Some key features of Surge for Mac include:Built-in, intuitive web server - Makes sites hosted with Surge...
Surge for Mac image
Pirni Pro icon

Pirni Pro

Pirni Pro is a feature-rich vector graphics editor designed for illustrators, web and graphic designers. It provides a wide array of powerful tools for creating impressive 2D graphics easily and efficiently.Key features include:Intuitive vector drawing and shape toolsAdvanced typography controlsFlexible gradient and pattern fillsSmooth curve editing with bezier handlesPhoto editing...
Pirni Pro image
RESTed icon

RESTed

RESTed is an open-source, cross-platform REST API testing application. It provides a simple and intuitive interface for sending HTTP requests to test REST APIs and view their responses.Some key features of RESTed:Supports all HTTP methods like GET, POST, PUT, DELETE, OPTIONS, PATCH etc.Allows adding custom HTTP headers and body payloadIncludes...
RESTed image
Debookee icon

Debookee

Debookee is a free and open source web browser that focuses on enhancing users' security, privacy protection, and productivity while browsing the web. It is based on Chromium and developed by an independent team of developers.Some key features that make Debookee stand out include:Built-in ad blocking and anti-tracking without extensionsEnhanced...
Debookee image
SmartSniff icon

SmartSniff

SmartSniff is a comprehensive network analyzer and packet sniffing software used for network monitoring, analysis, and troubleshooting. It allows users to capture, inspect and log traffic passing through Ethernet and wireless network connections in real-time.With an easy-to-use graphical interface, SmartSniff provides powerful capabilities for gathering insights into network activity and...
SmartSniff image
HTTPScoop icon

HTTPScoop

HTTPScoop is an open-source web debugging proxy built for debugging and testing modern web applications that use HTTPS. It allows developers to intercept, inspect, and modify HTTPS traffic from their web apps or sites.Some key features of HTTPScoop include:Works as a reverse proxy to decrypt, analyze, and re-encrypt HTTPS traffic...
Microsoft Message Analyzer icon

Microsoft Message Analyzer

Microsoft Message Analyzer is a powerful tool for capturing, displaying, and analyzing network traffic and diagnosing issues with systems and applications. Some key features include:Capturing live network traffic or importing capture files (like .pcap files)Powerful filtering, searching, and analysis of network traffic and log messages Displays traffic flow sequence, conversation...
Weer icon

Weer

Weer is a weather app tailored for outdoor adventurers, travelers, and nature lovers. It sets itself apart from traditional weather apps by focusing on hyperlocal weather conditions using data from a crowdsourced network of personal weather stations.Instead of relying solely on airport and government weather stations located miles away, Weer...
Tcpflow icon

Tcpflow

tcpflow is an open source command line tool for capturing TCP traffic flows going through a network. It works by capturing packets from live network interfaces or from packet capture (pcap) files, reassembling TCP streams and sessions, and storing the transmitted application-layer data with relevant TCP metadata like sequence numbers...
Tcpflow image
NetSleuth icon

NetSleuth

NetSleuth is a robust network monitoring and analytics solution designed to provide granular visibility into critical network and application performance metrics. The software includes the following key capabilities:Automatic network mapping and asset discovery - NetSleuth automatically discovers all devices on your network and maps network topology and dependencies.Customizable dashboards -...
NetSleuth image
LanDetective icon

LanDetective

LanDetective is a network security and administration software tool designed for Windows operating systems. It enables users to scan local area networks (LANs) to identify vulnerabilities, open ports, and other security risks.Some key features of LanDetective include:Comprehensive port scanning to detect open TCP and UDP ports on network hostsBanner grabbing...
Packetyzer icon

Packetyzer

Packetyzer is a powerful and easy-to-use network protocol analyzer and packet sniffer for Windows. It allows you to monitor, analyze, and troubleshoot network traffic by capturing live packets, decoding protocols in real-time, generating statistics, checking for errors, and exporting data.Some key features of Packetyzer include:Captures live packets from Ethernet, WiFi,...
Packetyzer image
Uthrottle icon

Uthrottle

Uthrottle is a free, open-source internet traffic shaper and bandwidth limiter application for Windows. It gives users control over their internet bandwidth usage by allowing them to set limits for both overall usage as well as on a per-application basis.Some key features of Uthrottle include:Set global download/upload speed limits for...
Uthrottle image
GraphicalHttpClient icon

GraphicalHttpClient

GraphicalHttpClient is an open-source, cross-platform application that provides a graphical user interface for sending HTTP requests and viewing HTTP responses.Some of the key features of GraphicalHttpClient include:Supports common HTTP methods like GET, POST, PUT, DELETE, etc.Allows composing requests by entering URLs, headers, query parameters, and request bodiesDisplays full server response...
GraphicalHttpClient image
Slowy icon

Slowy

Slowy is a free and open-source cross-platform media player application designed with simplicity in mind. Originally developed as a minimalist audio player, Slowy has evolved to support a wide range of media codecs and formats including support for audio formats like MP3, FLAC, WAV as well as support for common...
Slowy image
PacketsDump icon

PacketsDump

PacketsDump is a powerful and free network packet analyzer and sniffer software for Windows. It provides extensive capabilities for capturing, filtering, analyzing, and troubleshooting network traffic. Some key features of PacketsDump include:Real-time capture and offline analysis of network packetsSupport for common protocols like TCP, UDP, ICMP, HTTP, DNS, and moreDetailed...
PacketsDump image
Termshark icon

Termshark

Termshark is a powerful network protocol analyzer that runs entirely in your terminal. It provides functionality similar to the popular Wireshark tool but without requiring an X Window environment. Just like Wireshark, Termshark allows you to capture packets in real-time, filter them based on various criteria, inspect protocol data, extract...
Termshark image