Network Miner is a Network Forensics Analysis Tool that is used to analyze packet captures and other valuable network data in an investigation. Network Miner functions as a passive network sniffer or packet capturing tool in order to detect operating systems, sessions, hostnames, open ports and more. Other features include advanced operating system fingerprinting, web browser tracing and DNS Whitelisting. NetworkMiner makes it easy to perform advanced Network Traffic Analysis (NTA) by providing extracted artifacts in an intuitive user interface. The way data is presented not only makes the analysis simpler, it also saves valuable time for the analyst or forensic investigator.
NetworkMiner traditionally works with Windows but is also available for Linux, Mac OS and other environments. NetworkMiner is a feature rich software that enables the user to access highly useful forensics data from computer networks. This can include information such as usernames and password credentials that are transmitted over a network. Other data that can be extracted with NetworkMiner includes image files, documents sent over unsecured protocols, email data and advanced OS fingerprinting. There is a free and paid version of the software available for download. About 70% of the paid features are still available in the free version making it a highly relevant tool for network forensics.