Thumbnails of extracted images in NetworkMiner 2.5
This image list can give a quick overview of what is going on in the capture file. Files extracted by NetworkMiner 2.5Įxtracted files that are recognized as images are also shown as thumbnails on the images tab. In fact, NetworkMiner automatically extracts files from protocols like FTP, TFTP, HTTP, HTTP/2, SMB, SMB2, SMTP, POP3, and IMAP as soon as a pcap file is opened. You can solve such tasks with Wireshark too, but NetworkMiner will save you time and spare you some tedious manual work. Many users turn to NetworkMiner when it comes to extracting artifacts, such as files or credentials from pcap files.
But there are a few other free and open source alternatives that are sometimes overlooked, one of which is NetworkMiner (disclaimer: I’m the creator of NetworkMiner). Wireshark is the default goto tool for analyzing captured network traffic for most network engineers. This is a guest blogpost by Erik Hjelmvik, an e xpert in network forensics and network security monitoring at NETRESEC.
0 kommentar(er)
