If you spend any time in Wireshark, you probably know what strings to look for given a certain string of hex information or text capture. You know that a header should look a certain way. Or maybe you’ve spent so much time that you can tell the difference between the types of files being sent in Wireshark. The truly great folks can pick it out of a string of random gibberish, not unlike the operators in The Matrix.
For the rest of us, there’s an awesome new tool to help. Written by Erik Hjelmvik, NetworkMiner does all the hard work of assembling those bits of code into something more familiar. It can reassemble files from packet captures and provide you with a list so you can see if someone was sending things in clear text or using more secure methods. NetworkMiner can also sniff out usernames and passwords that were captured, including email logins and even Kerberos hashes. This means it is a great way to see if anyone is still using insecure methods to log into devices and services on your network.
Erik even tells you how easy it is to use:
So why not give NetworkMiner a try next time you want to extract a few files from a capture file or get an overview of what’s going on in a capture? It’s a free tool that doesn’t even require an installation, you just extract the zip file and run it!
If you want to give NetworkMiner a try, check out this blog post for more info: Intro to NetworkMiner