If you spend any time in Wireshark, you probably know what to look for in a given string of hex or captured text. You know that a header should look a certain way. Or maybe you’ve spent so much time that you can tell the difference between the types of files being sent in Wireshark. The truly great folks can pick it out of a string of random gibberish, not unlike the operators in The Matrix.
For the rest of us, there’s an awesome new tool to help. Written by Erik Hjelmvik, NetworkMiner does all the hard work of assembling those bits of code into something more familiar. It can reassemble files from packet captures and provide you with a list so you can see if someone was sending things in clear text or using more secure methods. NetworkMiner can also sniff out usernames and passwords that were captured, including email logins and even Kerberos hashes. This makes it a great way to see if anyone is still using insecure methods to log into devices and services on your network.
Erik even tells you how easy it is to use:
So why not give NetworkMiner a try next time you want to extract a few files from a capture file or get an overview of what’s going on in a capture? It’s a free tool that doesn’t even require an installation, you just extract the zip file and run it!
If you want to give NetworkMiner a try, check out this blog post for more info: Intro to NetworkMiner