NetSleuth identifies and fingerprints network devices by silent network monitoring or by processing data from PCAP files.
NetSleuth is an open-source network forensics and analysis tool, designed for triage in incident response situations. It can identify and fingerprint network hosts and devices from pcap files of Ethernet or WiFi traffic (captured with tools like Kismet).
- An easy real-time overview of which devices and which people are connected to any WiFi or Ethernet network.
- Free. The tool can be downloaded for free, and the source code is available under the GPL.
- Simple and cost-effective. No hardware or reconfiguration of networks is required.
- “Silent portscanning” and undetectable network monitoring on WiFi and wired networks.
- Automatic identification of a vast array of device types, including smartphones, tablets, gaming consoles, printers, routers, desktops and more.
- Offline analysis of pcap files, from tools like Kismet or tcpdump, to aid in intrusion response and network forensics.