{"id":2687,"date":"2010-06-23T11:46:59","date_gmt":"2010-06-23T10:46:59","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=2687"},"modified":"2015-09-09T19:37:31","modified_gmt":"2015-09-09T11:37:31","slug":"nwmap-v0-1-released-map-network-from-pcap-file","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2010\/06\/nwmap-v0-1-released-map-network-from-pcap-file\/","title":{"rendered":"nwmap v0.1 Released &#8211; Map Network From PCAP File"},"content":{"rendered":"<p>[ad]<\/p>\n<p>This is a neat little tool especially for people doing <a href=\"https:\/\/www.darknet.org.uk\/tag\/penetration-testing\/\">penetration testing<\/a> assignments, especially if you&#8217;ve done some packet dumps and have PCAP files you can use nwmap to map out live IP addresses.<\/p>\n<p>I&#8217;d guess it&#8217;d be used in the information gathering stage before you fire up your <a href=\"https:\/\/www.darknet.org.uk\/tag\/port-scanner\/\">port scanners<\/a> etc.<\/p>\n<p>nwmap is basically a Perl script which takes a PCAP file as input and identifies valid subnets in the file. It then assumes a netmask of \/24 and searches all those subnets for live IPs. It then groups all the IP addresses based on the number of hops. <\/p>\n<p><strong>Requirements<\/strong><\/p>\n<p>Make sure you have the following:<\/p>\n<ul>\n<li>sort<\/li>\n<li>host(DNS lookup)<\/li>\n<li>nmap(Port scanner)<\/li>\n<li>tcptraceroute(traceroute to IP addresses)<\/li>\n<li>Tshark(Network sniffer)<\/li>\n<\/ul>\n<p>You can download nwmap here:<\/p>\n<p><a href=\"http:\/\/sourceforge.net\/projects\/nwmap\/files\/nwmap_0.1.tar.gz\/download\">nwmap_0.1.tar.gz<\/a><\/p>\n<p><!--adsense#New468--><\/p>\n<p>Or read more <a href=\"http:\/\/sourceforge.net\/projects\/nwmap\/\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[ad] This is a neat little tool especially for people doing penetration testing assignments, especially if you&#8217;ve done some packet dumps and have PCAP files you can use nwmap to map out live IP addresses. I&#8217;d guess it&#8217;d be used in the information gathering stage before you fire up your port scanners etc. nwmap is [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[9,5],"tags":[215,5532],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/2687"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=2687"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/2687\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=2687"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=2687"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=2687"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}