Netifera v1.0 released

Netifera is a new modular open source platform (OSX and Linux supported) for creating network security tools. This project provides many advantages for both security developers and researchers who want to implement new tools as well as the community of users of these tools.

Tools

* Full IPv6 support
* TCP and UDP network scanning
* Service detection
* Operating system identification
* Reverse DNS scanning
* DNS name brute forcing
* DNS zone transfer information gathering
* Geographical information about network addresses
* Authentication brute force attack (against HTTP authentication, FTP, IMAP, and POP3)
* Web crawler discovers web applications, collect email addresses and adds the web site structure to the data model
* Integrated terminal for connecting to and interacting with network services

Passive Tools

  • Modular packet capture service
  • Capture packets on multiple interfaces simultaneously
  • Parse ’pcap’ format capture files as input to sniffing modules
  • HTTP traffic analysis
  • DNS information gathering from captured responses
  • Network stack fingerprinting
  • Service detection from captured banners and protocol packets
  • Client application detection
  • Credential sniffing for many protocols

Data Model

All information discovered by the netifera platform is persistently stored in a workspace database. Our extension design allows for developers to easily create their own data types and integrate them into the platform.
User Interface

Our platform provides an intuitive and professional quality graphical user interface for using the tools written for our platform and navigating the information they produce. Different tasks in our application such as sniffing information from the network, or actively collecting information by scanning networks, or exploring the local environment of a remotely deployed probe (coming soon! ) each have a specialized configuration of the user interface called a ’perspective’
Programming API

The netifera platform brings together high quality programming APIs for tasks such as:

  • High performance asynchronous socket connection and communication
  • Link level packet capture and raw socket injection
  • 802.11 monitor mode packet capture and injection (coming soon! )
  • Network protocol header construction and analysis (ethernet, ip, tcp, etc...)
  • Application layer protocol libraries (http, dns, ftp, etc...)

Tool Submitted by K.Pilsen

Post scriptum

Compliance Mandates

  • Network Discovery :

    PCI DSS 11.2, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Comments

Related Articles

Netifera
Network Discovery
Vulnerability Scanner