
NetworkMiner - The NSM and Network Forensics Analysis Tool

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network. NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files. NetworkMiner makes it easy to perform advanced Network Traffic Analysis (NTA) by providing extracted artifacts in an intuitive user interface. The way data is presented not only makes the analysis simpler, it also saves valuable time for the analyst or forensic investigator. NetworkMiner has, since the first release in 2007, become a popular tool among incident response teams as well as law enforcement.

http://www.netresec.com/?page=NetworkMiner


PsExec Introduction Utilities like Telnet and remote control programs like Symantec's PC Anywhere let you execute programs on remote systems, but they can be a pain to set up and require that you install client software on the remote systems that you wish to access. PsExec is a light-weight telnet-replacement that lets you execute processes on other systems, complete with full interactivity for console applications, without having to manually install client software. PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems.

100+ Sites to Download All Sorts of Things These days you can find all sorts of things online, from audio books to flash files, from sound effects to CSS templates. Below we compiled a list with over 100 download sites that serve that purpose. We will also try to keep the list updated, so if your favorite download site is not here, let us know about it with a comment. Audio Books Librivox: One of the most popular audio libraries on the web. The LibriVox volunteers record books that are in the public domain and release them for free.

Zenmap - Official cross-platform Nmap Security Scanner GUI Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly.

Nessus Vulnerability Scanner Detect & Assess: Nessus is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits. Report & Take Action: Report what matters to responsible parties with exploitability, severity modification, scan scheduling and deliver remediation reports via targeted emails.

HyperTerminal Alternatives for Windows 7 If you’ve recently upgraded to Windows 7 and are wondering what happened to HyperTerminal, you’re not alone! HyperTerminal was a sweet little program that let you connect to other computers, Telnet sites, host computers, BBSs, etc. using your modem or Ethernet connection. In Windows 7 and Vista, you will no longer find the HyperTerminal program. If you need HyperTerminal to control serial devices, there is a way to get it back!

Online TraceRoute - SubnetOnline.com "Your online IP subnet calculator and network tools collection..." Traceroute is a computer network tool used to determine the route taken by packets across an IP network. The traceroute tool is available on practically all Unix-like operating systems. Variants with similar functionality are also available, such as tracepath on modern Linux installations and tracert on Microsoft Windows operating systems. Windows NT-based operating systems also provide pathping, which provides similar functionality. Source: WikiPedia

PuTTY Download Page PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms, along with an xterm terminal emulator. It is written and maintained primarily by Simon Tatham. The latest version is beta 0.67. LEGAL WARNING: Use of PuTTY, PSCP, PSFTP and Plink is illegal in countries where encryption is outlawed. We believe it is legal to use PuTTY, PSCP, PSFTP and Plink in England and Wales and in many other countries, but we are not lawyers, and so if in doubt you should seek legal advice before downloading it.

Wireshark Display Filter Examples (Filter by Port, IP, Protocol) While debugging a particular problem, sometimes you may have to analyze the protocol traffic going out and coming into your machine. Wireshark is one of the best tools used for this purpose. In this article we will learn how to use Wireshark network protocol analyzer display filter.

ssh(1): OpenSSH SSH client Name ssh - OpenSSH SSH client (remote login program) Synopsis

Splunk For Application Development, DevOps and APM Splunk® software allows you to quickly identify and pinpoint code-level issues at any stage of the development and release process. Only Splunk enables you to: find and fix bugs quickly so you can ship product faster; gain insights into application usage and user behavior; get real time, mission-critical visibility into every step, system and process involved in building, testing and shipping new products to your customers.

Music Text Composition Generator (A free online music utility) The P22 Music Text Composition Generator allows any text to be converted into a musical composition. This composition is displayed in musical notation and simultaneously generated as a midi file.

Measuring Disk Latency with Windows Performance Monitor (Perfmon) - Ask the Core Team My name is Flavio Muratore and I am a Senior Support Escalation Engineer with the Windows Core Team. One subject we haven’t written much about in the Core team blog is “disk performance”. Today I would like to talk a little bit about measuring Physical Disk IO Latency with Windows Performance Monitor (perfmon). Most likely you have some experience with Perfmon, it’s been around since the NT days. You have probably heard general statements about what are acceptable disk latency measurements: “Less than 10 milliseconds is good and more than 20 milliseconds is bad”. Although these rules of thumb are used to simplify analysis, they do not apply in all cases and may lead to incorrect conclusions.
