NetworkMiner 2.0 Released

An update to one of our favorite network forensics tools has just been released. Whether it is a network challenge or a real-world incident, NetworkMiner can help you carve through PCAP content fairly easily. The new version of NetworkMiner adds a bunch of new features, including file extraction from SMB write operations, a parser for SMB2, more SCADA commands, and a PLC parser.

One of the biggest new features, though, is a keyword filtering capability that eases the indicator searches that may happen during investigations. Filtering is supported for data in the Files, Parameters, DNS, Messages, and Sessions tabs. To complement the filtering capability, the data displayed in the Parameters tab has also been expanded. New HTTP parameters include request methods, URIs, response status codes, and headers. There is also additional support for SMB and SMB2 parameters.

But that’s not all. New features in the Professional version add host OS fingerprinting, a new tab for analyzing web browser sessions, user settings that persist across executions, and improved log exports (new XML and better CSV formats). Check out the full 2.0 release details here.


Today’s post pic is from See ya!


5 comments for “NetworkMiner 2.0 Released”

  1. February 11, 2016 at 1:23 am

    BLOGGED: NetworkMiner 2.0 Released

  2. February 11, 2016 at 6:30 am

    NetworkMiner 2.0 Released #iSecNews

  3. February 11, 2016 at 7:06 am

    NetworkMiner 2.0 Released #iSecNews

  4. February 11, 2016 at 8:10 am

    NetworkMiner 2.0 pushed with some cool new features…

  5. February 11, 2016 at 10:00 am

    Now with column filtering, more SCADA support, & a new PLC parser, NetworkMiner 2.0 just released.
