{"id":2687,"date":"2010-06-23T11:46:59","date_gmt":"2010-06-23T10:46:59","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=2687"},"modified":"2015-09-09T19:37:31","modified_gmt":"2015-09-09T11:37:31","slug":"nwmap-v0-1-released-map-network-from-pcap-file","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2010\/06\/nwmap-v0-1-released-map-network-from-pcap-file\/","title":{"rendered":"nwmap v0.1 Released – Map Network From PCAP File"},"content":{"rendered":"
[ad]<\/p>\n
This is a neat little tool especially for people doing penetration testing<\/a> assignments, especially if you’ve done some packet dumps and have PCAP files you can use nwmap to map out live IP addresses.<\/p>\n I’d guess it’d be used in the information gathering stage before you fire up your port scanners<\/a> etc.<\/p>\n nwmap is basically a Perl script which takes a PCAP file as input and identifies valid subnets in the file. It then assumes a netmask of \/24 and searches all those subnets for live IPs. It then groups all the IP addresses based on the number of hops. <\/p>\n Requirements<\/strong><\/p>\n Make sure you have the following:<\/p>\n You can download nwmap here:<\/p>\n\n