|
|
NetworkMiner is already packaged on Ubuntu:
https://launchpad.net/~securityonion/+archive/test/+packages?field.name_filter=miner&field.status_filter=published&field.series_filter= |
|
|
|
Good call @2xyo!
However, please use the NetworkMiner package in the stable branch instead:
https://launchpad.net/~securityonion/+archive/stable/+packages?field.name_filter=miner&field.status_filter=published
This is the debian package created by Doug Burks for the Security Onion Live DVD. |
|
|
|
This doesn't sniff on a live interface as it should and even the Security Onion package won't either.
If you wish to have it included in Kali, you will need to do the leg-work in getting it running properly. If you can do so, feel free to re-open this ticket. |
|
|
|
The purpose of having NetworkMiner in Kali is not in order to sniff packets. Tools like tcpdump and even the meterpreter sniffer already do a fine job capturing network packets to a PCAP file.
What makes NetworkMiner useful for Kali is its ability to parse PCAP files and extract interesting details such as passwords, downloaded files, browser cookies, lanman hashes, emails etc. |
|
|
|
We are not going to deliberately include a partially functional tool in the distribution.
If there comes a point where it can fully work, reopen the ticket. |
|
|
|
The old way of doing live sniffing with NetworkMiner has now been completely removed from the application in version 1.6 and newer.
Here's a screenshot of the updated GUI without annoying non-functional sniffing buttons:
http://www.netresec.com/images/NetworkMiner_1-6_on_OS_X_818x536.png
Also, recommended practice for analyzing network traffic with NetworkMiner is to do one of the following:
- Load a PCAP file
- Use Pcap-over-IP to do live sniffing: http://netresec.com/?b=119B126
I hope these changes make NetworkMiner qualify for being part of Kali! |
|
|
|
To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):
- [Name] - The name of the tool
- [Version] - What version of the tool should be added?
--- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
- [Homepage] - Where can the tool be found online? Where to go to get more information?
- [Download] - Where to go to get the tool?
- [Author] - Who made the tool?
- [Licence] - How is the software distributed? What conditions does it come with?
- [Description] - What is the tool about? What does it do?
- [Dependencies] - What is needed for the tool to work?
- [Similar tools] - What other tools are out there?
- [How to install] - How do you compile it?
- [How to use] - What are some basic commands/functions to demonstrate it?
|
|
|
|
Name and version: NetworkMiner 2.2
Website: http://networkminer.com/ (link to source code available, GPLv2)
Download link: https://www.netresec.com/?download=NetworkMiner
Author: Erik Hjelmvik
License: GPLv2
Description: Network Forensics tool for parsing PCAP files. Extracts files, usernames, passwords, hashes, emails etc. from PCAP files.
Similar tools: Wireshark, Xplico
How to install: http://netres.ec/?b=142AA47
How to use: mono /opt/NetworkMiner_2-2/NetworkMiner.exe ~/Downloads/dump.pcap
You'll find more examples of how to use NetworkMiner here:
https://www.netresec.com/?page=Blog&tag=NetworkMiner |
|
|
|
Last Update: 2015-08-07 |
|
|
|
No update from upstream since 2015 |
|
